Biblio

Predicting the success of a mobile game is a prime issue in game industry. Thousands of games are being released each day. However, a few of them succeed while the majority fail. Towards the goal of investigating the potential correlation between the success of a mobile game and its specific attributes, this work was conducted. More than 17 thousands games were considered for that reason. We show that specific game attributes, such as number of IAPs (In-App Purchases), belonging to the puzzle genre, supporting different languages and being produced by a mature developer highly and positively affect the success of the game in the future. Moreover, we show that releasing the game in July and not including any IAPs seems to be highly associated with the game’s failure. Our second main contribution, is the proposal of a novel success score metric that reflects multiple objectives, in contrast to evaluating only revenue, average rating or rating count. We also employ different machine learning models, namely, SVM (Support Vector Machine), RF (Random Forest) and Deep Learning (DL) to predict this success score metric of a mobile game given its attributes. The trained models were able to predict this score, as well as the rating average and rating count of a mobile game with more than 70% accuracy. This prediction can help developers before releasing their game to the market to avoid any potential disappointments.

Data security has become an increasing concern with rampant data security regulation changes and the rampant deployment of technology. The necessity to lock down user data has never been greater. This research contributes to the secure software development of Android applications by identifying data processing concerns following the guidelines put forth by the Open Web Application Security Project “(OWASP) Mobile Top 10.” We found that 43.62% of the applications contained at least one security violation. We will be using an open source tool static analysis tool, MobSF, to review the security of 200 health related Android applications. The security of healthcare related applications should be given special attention, as they store and process highly sensitive information such as blood pressures, pulse rate, body photos, mental-state, OBGYN status, and sleep patterns. Partial automation techniques were utilized. This paper also suggests possible security remediations for the identified security concerns.

This paper studies the modeling of cyber-physical dependencies observed within power grids and the effects of these intra-dependencies, on power grid resilience, which is evaluated quantitatively. A fundamental contribution of this paper is the description of the critically important role played by cyber-physical buffers as key components to limit the negative effect of intra-dependencies on power grids resilience. Although resilience issues in the electric power provision service could be limited thanks to the use of local energy storage devices as the realization of service buffers, minimal to no autonomy in data connectivity buffers make cyber vulnerabilities specially critical in terms of resilience. This paper also explains how these models can be used for improved power grids resilience planning considering internal cyber-physical interactions.

The supply chain network is a complex network with the risk of cascading failure. To study the cascading failure in it, an accurate supply chain network model needs to be established. In this paper, we construct a layered supply chain network model according to the types of companies in real supply chain networks. We first define the similarity between companies in the same layer by studying real-world scenarios in supply chain networks. Then, considering both the node degree and the similarity between nodes in the same layer, we propose preferential attachment probability formulas for the new nodes to join the exist network. Finally, the evolution steps of the model are summarized. We analyze the structural characteristics of the new model. The results show that the new model has scale-free property and small-world property, which conform to the structural characteristics of the known supply chain networks. Compared with the other network models, it is found that the new model can better describe the actual supply chain network.

The occurrences of accidents in mining industries owing to the fragile health conditions of mine workers are reportedly increasing. Health conditions measured as heart rate or pulse, glycemic index, and blood pressure are often crucial parameters that lead to failure in proper reasoning when not within acceptable ranges. These parameters, such as heartbeat rate can be measured continuously using sensors. The data can be monitored remotely and, when found to be of concern, can send necessary alarms to the mine manager. The early alarm notification enables the mine manager with better preparedness for managing the reach of first aid to the accident spot and thereby reduce mine fatalities drastically. This paper presents a framework for deterring accidents in mines with the help of the Grey Wolf Optimization approach.

The target of this venture is to give the protected correspondence among the associated frameworks in the system. It gives the vital validation to the record moving in the system transmission. It comprises of 3 modules in particular encryption and unscrambling module, secret key verification to the information that needs to transmit through system. In this system, File Transfer Protocol can be used to execute Server-client innovation and the document can be scrambled and unscrambled by sending the end client through attachment programming of the end client.

OAuth 2.0 is one of the most widely used Internet protocols for authorization/single sign-on (SSO) and is also the foundation of the new SSO protocol OpenID Connect. Due to its complexity and its flexibility, it is difficult to comprehensively analyze the security of the OAuth 2.0 standard, yet it is critical to obtain practical security guarantees for OAuth 2.0. In this paper, we present the first computationally sound security analysis of OAuth 2.0. First, we introduce a new primitive, the three-party authenticated secret distribution (3P-ASD for short) protocol, which plays the role of issuing the secret and captures the token issue process of OAuth 2.0. As far as we know, this is the first attempt to formally abstract the authorization technology into a general primitive and then define its security. Then, we present a sufficiently rich three-party security model for OAuth protocols, covering all kinds of authorization flows, providing reasonably strong security guarantees and moreover capturing various web features. To confirm the soundness of our model, we also identify the known attacks against OAuth 2.0 in the model. Furthermore, we prove that two main modes of OAuth 2.0 can achieve our desired security by abstracting the token issue process into a 3P-ASD protocol. Our analysis is not only modular which can reflect the compositional nature of OAuth 2.0, but also fine-grained which can evaluate how the intermediate parameters affect the final security of OAuth 2.0.

Mathematical morphology provides a large set of powerful non-linear image operators, widely used for feature extraction, noise removal or image enhancement. Although morphological filters might be used to remove artifacts produced by image manipulations, both on binary and gray level documents, little effort has been spent towards their forensic identification. In this paper we propose a non-trivial extension of a deterministic approach originally detecting erosion and dilation of binary images. The proposed approach operates on grayscale images and is robust to image compression and other typical attacks. When the image is attacked the method looses its deterministic nature and uses a properly trained SVM classifier, using the original detector as a feature extractor. Extensive tests demonstrate that the proposed method guarantees very high accuracy in filtering detection, providing 100% accuracy in discriminating the presence and the type of morphological filter in raw images of three different datasets. The achieved accuracy is also good after JPEG compression, equal or above 76.8% on all datasets for quality factors above 80. The proposed approach is also able to determine the adopted structuring element for moderate compression factors. Finally, it is robust against noise addition and it can distinguish morphological filter from other filters.

Collaborative Filtering (CF) is a popular recommendation system that makes recommendations based on similar users' preferences. Though it is widely used, CF is prone to Shilling/Profile Injection attacks, where fake profiles are injected into the CF system to alter its outcome. Most of the existing shilling attacks do not work on online systems and cannot be efficiently implemented in real-world applications. In this paper, we introduce an efficient Multi-Armed-Bandit-based reinforcement learning method to practically execute online shilling attacks. Our method works by reducing the uncertainty associated with the item selection process and finds the most optimal items to enhance attack reach. Such practical online attacks open new avenues for research in building more robust recommender systems. We treat the recommender system as a black box, making our method effective irrespective of the type of CF used. Finally, we also experimentally test our approach against popular state-of-the-art shilling attacks.

The recent advancements in ubiquitous sensing powered by Wireless Computing Technologies (WCT) and Cloud Computing Services (CCS) have introduced a new thinking ability amongst researchers and healthcare professionals for building secure and connected healthcare systems. The integration of Internet of Things (IoT) in healthcare services further brings in several challenges with it, mainly including encrypted communication through vulnerable wireless medium, authentication and access control algorithms and ownership transfer schemes (important patient information). Major concern of such giant connected systems lies in creating the data handling strategies which is collected from the billions of heterogeneous devices distributed across the hospital network. Besides, the resource constrained nature of IoT would make these goals difficult to achieve. Motivated by aforementioned deliberations, this paper introduces a novel approach in designing a security framework for edge-computing based connected healthcare systems. An efficient, multi-factor access control and ownership transfer mechanism for edge-computing based futuristic healthcare applications is the core of proposed framework. Data scalability is achieved by employing distributed approach for clustering techniques that analyze and aggregate voluminous data acquired from heterogeneous devices individually before it transits the to the cloud. Moreover, data/device ownership transfer scheme is considered to be the first time in its kind. During ownership transfer phase, medical server facilitates user to transfer the patient information/ device ownership rights to the other registered users. In order to avoid the existing mistakes, we propose a formal and informal security analysis, that ensures the resistance towards most common IoT attacks such as insider attack, denial of distributed service (DDoS) attack and traceability attacks.

Attacks targeting several millions of non-internet based application users are on the rise. These applications such as SMS and USSD typically do not benefit from existing multi-factor authentication methods due to the nature of their interaction interfaces and mode of operations. To address this problem, we propose an approach that augments blockchain with multi-factor authentication based on evidence from blockchain transactions combined with risk analysis. A profile of how a user performs transactions is built overtime and is used to analyse the risk level of each new transaction. If a transaction is flagged as high risk, we generate n-factor layers of authentication using past endorsed blockchain transactions. A demonstration of how we used the proposed approach to authenticate critical financial transactions in a blockchain-based asset financing platform is also discussed.

Adapting parallel scheduling function in the design of multi-scheduling algorithm results significant impact in the operation of high performance parallel systems. The various methods of parallelizing scheduling functions are widely applied in traditional multiprocessor systems. In this paper a novel algorithm is introduced which works not only for parallel execution of jobs but also focuses the parallelization of scheduling function. It gives attention on reducing the execution time, minimizing the load balance performance by selecting the volume of tasks for migration in terms of packets. Jobs are grouped into packets consisting of 2n jobs which are scheduled in parallel. Thus, an enhancement in the scheduling mechanism by packet formation is made to carry out high utilization of underlying architecture with increased throughput. The proposed method is assessed on a desktop computer equipped with multi-core processors in cube based multiprocessor systems. The algorithm is implemented with different configuration of multi-core systems. The simulation results indicate that the proposed technique reduces the overall makespan of execution with an improved performance of the system.

We study the use of Multiform Logical Time, as embodied in Esterel/SyncCharts and Clock Constraint Specification Language (CCSL), for the specification of assume-guarantee constraints providing safe driving rules related to time and space, in the context of Automated Driving Assistance Systems (ADAS). The main novelty lies in the use of logical clocks to represent the epochs of specific area encounters (when particular area trajectories just start overlapping for instance), thereby combining time and space constraints by CCSL to build safe driving rules specification. We propose the safe specification pattern at high-level that provide the required expressiveness for safe driving rules specification. In the pattern, multiform logical time provides the power of parameterization to express safe driving rules, before instantiation in further simulation contexts. We present an efficient way to irregularly update the constraints in the specification due to the context changes, where elements (other cars, road sections, traffic signs) may dynamically enter and exit the scene. In this way, we add constraints for the new elements and remove the constraints related to the disappearing elements rather than rebuild everything. The multi-lane highway scenario is used to illustrate how to irregularly and efficiently update the constraints in the specification while receiving a fresh scene.

This is a feasibility study on homomorphic encryption using the MK-TFHE library in daily computing using cloud services. Logic gates OR, AND, XOR, XNOR, NOR were created. A basic set of arithmetic operations namely - addition, subtraction, multiplication and division were also created. This research is a continuation of a previous work and this peeks into the newly created logic gates on these arithmetic operations.

The reliability of mechanical equipment is very important for the security operation of large-scale equipment. This paper presents a rolling bearing fault diagnosis method based on Variational Mode Decomposition (VMD) and Convolutional Neural Network (CNN). This proposed method includes using VMD and CNN to extend multi-sensor data, extracting detailed features and achieve more robust sensor fusion. Representative features can be extracted automatically from the raw signals. The proposed method can extract features directly from data without prior knowledge. The effectiveness of this method is verified on Case Western Reserve University (CWRU) dataset. Compared with one sensor and traditional approaches using manual feature extraction, the results show the superior diagnosis performance of the proposed method. Because of the end-to-end feature learning ability, this method can be extended to other kinds of sensor mechanical fault diagnosis.

Existing security models are highly linear and fail to capture the rich interactions that occur across security technology, infrastructure, cybersecurity, and human/organizational components. In this work, we will leverage insights from resilience science, complex system theory, and network theory to develop a next-generation security model based on these interactions to address challenges in complex, nonlinear risk environments and against innovative and disruptive technologies. Developing such a model is a key step forward toward a dynamic security paradigm (e.g., shifting from detection to anticipation) and establishing the foundation for designing next-generation physical security systems against evolving threats in uncontrolled or contested operational environments.

Device-Free Localization and Tracking (DFLT) acts as a key component for the contactless awareness applications such as elderly care and home security. However, the random phase errors in WiFi signal and weak target echoes submerged in background clutter signals are mainly obstacles for current DFLT systems. In this paper, we propose the design and implementation of MuTrack, a multiparameter based DFLT system using commodity WiFi devices with a single link. Firstly, we select an antenna with maximum reliability index as the reference antenna for signal sanitization in which the conjugate operation removes the random phase errors. Secondly, we design a multi-dimensional parameters estimator and then refine path parameters by optimizing the complete data of path components. Finally, the Hungarian Kalman Filter based tracking method is proposed to derive accurate locations from low-resolution parameter estimates. We extensively validate the proposed system in typical indoor environment and these experimental results show that MuTrack can achieve high tracking accuracy with the mean error of 0.82 m using only a single link.

With the rapid growth in Natural Language Processing (NLP), all types of industries find a need for analyzing a massive amount of data. Sentiment analysis is becoming a more exciting area for the businessmen and researchers in Text mining & NLP. This process includes the calculation of various sentiments with the help of text mining. Supplementary to this, the world is connected through Information Technology and, businesses are moving toward the next step of the development to make their system more intelligent. Microservices have fulfilled the need for development platforms which help the developers to use various development tools (Languages and applications) efficiently. With the consideration of data analysis for business growth, data security becomes a major concern in front of developers. This paper gives a solution to keep the data secured by providing required access to data scientists without disturbing the base system software. This paper has discussed data storage and exchange policies of microservices through common JavaScript Object Notation (JSON) response which performs the sentiment analysis of customer's data fetched from various microservices through secured APIs.

As any other infrastructure relying on cyber-physical systems (CPS), naval CPS are highly interconnected and collect considerable data streams, on which depend multiple command and navigation decisions. Being a data-driven decision system requiring optimized supervisory control on a permanent basis, it is critical to examine the CPS vulnerability to anomalies and their propagation. This paper presents an approach to detect CPS anomalies and estimate their propagation applying a quality assessed graph, which represents the CPS physical and digital subsystems, combined with system variables dependencies and a set of data and information quality measures vectors. Following the identification of variables dependencies and high-risk nodes in the CPS, data and information quality measures reveal how system variables are modified when an anomaly is detected, also indicating its propagation path. Taking as reference the normal state of a naval propulsion management system, four anomalies in the form of cyber-attacks - port scan, programmable logical controller stop, and man in the middle to change the motor speed and operation of a tank valve - were produced. Three anomalies were properly detected and their propagation path identified. These results suggest the feasibility of anomaly detection and estimation of propagation estimation in CPS, applying data and information quality analysis to a system graph.

The rapid growth of the Internet is, in part, powered by the broad participation of numerous vendors building network components. All these network devices require that they be properly configured and maintained, which creates a challenge for system administrators of complex networks with a growing variety of heterogeneous devices. This challenge is true for today's networks, as well as for the networking architectures of the future, such as Named Data Networking (NDN). This paper gives a preliminary design of an NDNconf framework, an adaptation of a recently developed NETCONF protocol, to realize unified configuration and management for NDN. The presented design is built leveraging the benefits provided by NDN, including the structured naming shared among network and application layers, stateful data retrieval with name-based interest forwarding, in-network caching, data-centric security model, and others. Specifically, the configuration data models, the heart of NDNconf, the elements of the models and models themselves are represented as secured NDN data, allowing fetching models, fetching configuration data that correspond to elements of the model, and issuing commands using the standard Interest-Data exchanges. On top of that, the security of models, data, and commands are realized through native data-centric NDN mechanisms, providing highly secure systems with high granularity of control.

This paper proposes a hardware Self-Organizing Map (SOM) for high dimensional vectors. The proposed SOM is based on nested architecture with pipeline processing. Due to homogeneous modular structure, the nested architecture provides high expandability. The original nested SOM was designed to handle low-dimensional vectors with fully parallel computation, and it yielded very high performance. In this paper, the architecture is extended to handle much higher dimensional vectors by using sequential computation, which requires multiple clocks to process a single vector. To increase the performance, the proposed architecture employs pipeline computation, in which search of winner neuron and weight vector update are carried out simultaneously. Operable clock frequency for the system was 60 MHz, and its throughput reached 15012 million connection updates per second (MCUPS).

Network port scans are a key first step to developing a true understanding of a network-facing attack surface. However in large-scale networks, the data resulting from such scans can be too numerous for Red Teams to process for manual and semiautomatic testing. Indiscriminate port scans can also compromise a Red Team seeking to quickly gain a foothold on a network. A large attack surface can even complicate Blue Team activities like threat hunting. In this paper we provide a cluster analysis methodology designed to group similar hosts to reduce security team workload and Red Team observability. We also measure the Internet-facing network attack surface of 13 organizations by clustering their hosts based on similarity. Through a case study we demonstrate how the output of our clustering technique provides new insight to both Red and Blue Teams, allowing them to quickly identify potential high-interest points on the attack surface.

As a new type of complex system, multi delay network in the field of information security undertakes the important responsibility of solving information congestion, balancing network bandwidth and traffic. The problems of data loss, program failure and a large number of system downtime still exist in the conventional multi delay system when dealing with the problem of information jam, which makes the corresponding reliability of the whole system greatly reduced. Based on this, this paper mainly studies and analyzes the stability system and reliability of the corresponding multi delay system in the information security perspective. In this paper, the stability and reliability analysis of multi delay systems based on linear matrix and specific function environment is innovatively proposed. Finally, the sufficient conditions of robust asymptotic stability of multi delay systems are obtained. At the same time, the relevant stability conditions and robust stability conditions of multi delay feedback switched systems are given by simulation. In the experimental part, the corresponding data and conclusions are simulated. The simulation results show that the reliability and stability analysis data of multi delay system proposed in this paper have certain experimental value.

Nowadays, simple tools such as traceroute can be used by attackers to acquire topology knowledge remotely. Worse still, attackers can use a lightweight fingerprinting technique, based on traceroute and ping, to retrieve the routers brand, and use that knowledge to launch targeted attacks. In this paper, we show that the hardware ecosystem of network operators can greatly vary from one to another, with all potential security implications it brings. Indeed, depending on the autonomous system (AS), not all brands play the same role in terms of network connectivity. An attacker could find an interest in targeting a specific hardware vendor in a particular AS, if known defects are present in this hardware, and if the AS relies heavily on it for forwarding its traffic.

In order to cope with the network attack of industrial control system, this paper proposes a quantifiable attack-defense tree model. In order to reduce the influence of subjective factors on weight calculation and the probability of attack events, the Fuzzy Analytic Hierarchy Process and the Attack-Defense Tree model are combined. First, the model provides a variety of security attributes for attack and defense leaf nodes. Secondly, combining the characteristics of leaf nodes, a fuzzy consistency matrix is constructed to calculate the security attribute weight of leaf nodes, and the probability of attack and defense leaf nodes. Then, the influence of defense node on attack behavior is analyzed. Finally, the network risk assessment of typical airport oil supply automatic control system has been undertaken as a case study using this attack-defense tree model. The result shows that this model can truly reflect the impact of defense measures on the attack behavior, and provide a reference for the network security scheme.