Biblio

As one of the most expensive computations in public-key cryptosystems, modular exponentiation is typically out-sourced to the cloud servers. Traditional cloud-based outsourcing algorithms depend on multiple untrusted servers to guarantee the security, which may lead to vulnerability to the collusion attack. Although recent single-server multiple-requests outsourcing algorithms are more secure, they have to perform multiple requests to the single untrusted server to guarantee the security and checkability of the data, which will incur unacceptable latency and local computational costs. In comparison, the edge computing paradigm enhances security since it has multiple computational nodes, including some highly secure local computational nodes. In this paper, we propose the secure outsourcing algorithm of modular exponentiation for the edge computing paradigm. To address the dilemma that the computational resources of different nodes vary significantly, we design two lightweight algorithms to adaptively separate the modular exponentiation to the nodes based on the computational resources. To guarantee the outsourcing checkability, we propose a protocol verify the result returned from each node. We formally prove the security and checkability of our algorithm and validate the efficiency of our algorithm based on experiments and case studies.

Open wireless channels make a wireless ad hoc network vulnerable to various security attacks, so it is crucial to design a routing protocol that can defend against the attacks of malicious nodes. In this paper, we first measure the trust value calculated by the node behavior in a period to judge whether the node is trusted, and then combine other QoS requirements as the routing metrics to design a secure routing approach. Moreover, we propose a deep learning-based model to learn the routing environment repeatedly from the data sets of packet flow and corresponding optimal paths. Then, when a new packet flow is input, the model can output a link set that satisfies the node's QoS and trust requirements directly, and therefore the optimal path of the packet flow can be obtained. The extensive simulation results show that compared with the traditional optimization-based method, our proposed deep learning-based approach cannot only guarantee more than 90% accuracy, but also significantly improves the computation time.

This study presents an open standards-based information system supporting democratisation and consumer empowerment through flexibility activation. This study describes a functional technical reference infrastructure: a secure, standard-based and viable communication backbone for flexibility activation. The infrastructure allows connection, registering, activation and reporting for different types of granular consumer flexibility. The flexibility sources can be directly controllable set points of chargers and stationary batteries, as well as controllable loads. The proposed communication system sees all these flexibility provisions as distributed energy resources in a wider sense, and the architecture allows consumer-level integration of different energy systems. This makes new flexibility sources fully available to the balancing responsible entities in a viable and realistically implementable manner. The proposed reference architecture, as implemented in the FLEXCoop project, relies on established open standards as it is based on the Open Automated Demand Response (OpenADR) and OAuth2/OpenID standards and the corresponding IEC 62746-10 standard, and it covers interfacing towards other relevant standards. The security and access implications are addressed by the OpenID security layer built on top of the OAuth2 and integrated with the OpenADR standard. To address the data protection and privacy aspects, the architecture is designed on the least knowledge principle.

Network-on-chip (NoC) has become the standard communication fabric for on-chip components in modern System-on-chip (SoC) designs. Since NoC has visibility to all communications in the SoC, it has been one of the primary targets for security attacks. While packet encryption can provide secure communication, it can introduce unacceptable energy and performance overhead due to the resource-constrained nature of SoC designs. In this paper, we propose a lightweight encryption scheme that is implemented on the network interface. Our approach improves the performance of encryption without compromising security using incremental cryptography, which exploits the unique NoC traffic characteristics. Experimental results demonstrate that our proposed approach significantly (up to 57%, 30% on average) reduces the encryption time compared to traditional approaches with negligible (less than 2%) impact on area overhead.

An identity-based distributed key management scheme for airborne ad hoc networks is analyzed. It is demonstrated that in the generation phase of user private key, the user identity certificate is transmitted in the public channel, so that the attacker can use the intercepted identity certificate to fake the legitimate node and cheat the distributed key generation center to generate private key for it. Then, an improved authentication scheme is proposed. It constructs the signature of timestamp using the private key of the user node as authentication proof, so that the attacker can't forge the authentication information. It is showed that the improved scheme can effectively resist the forgery attack, and further reduce the computing cost of user nodes while realizing all the functions of the original scheme.

Certificateless signcryption mechanism can not only provide security services, such as message integrity, non-repudiation and confidentiality, but also solve the problems of public key certificate management and key escrow. Zhou et al. proposed a certificateless signcryption mechanism without bilinear mapping and gave its security proof under the discrete logarithm problem and the computational Diffie Hellman problem in the random oracle model. However, the analysis show that this scheme has security flaws. That is, attackers can forge legitimate signatures of any messages. Finally, we give the specific attack process.

Moving Target Defense (MTD) is a defensive mechanism based on dynamic system reconfiguration to prevent or thwart cyberattacks. In the last years, considerable progress has been made regarding MTD approaches for virtualized environments, and Virtual Machine (VM) migration is the core of most of these approaches. However, VM migration produces system downtime, meaning that each MTD reconfiguration affects system availability. Therefore, a method for a combined evaluation of availability and security is of utmost importance for VM migration-based MTD design. In this paper, we propose a Stochastic Reward Net (SRN) for the probability of attack success and availability evaluation of an MTD based on VM migration scheduling. We study the MTD system under different conditions regarding 1) VM migration scheduling, 2) VM migration failure probability, and 3) attack success rate. Our results highlight the tradeoff between availability and security when applying MTD based on VM migration. The approach and results may provide inputs for designing and evaluating MTD policies based on VM migration.

This paper proposes a proximity-aware extensions to the current Bitcoin protocol, named Master Node Based Clustering (MNBC). The ultimate purpose of the proposed protocol is to evaluate the security and performance of grouping nodes based on physical proximity. In MNBC protocol, physical internet connectivity increases as well as the number of hops between nodes decreases through assigning nodes to be responsible for propagating based on physical internet proximity.

The Internet of Things is progressively turning into a pervasive computing service, needing enormous volumes of data storage and processing. However, due to the distinctive properties of resource constraints, self-organization, and short-range communication in Internet of Things (IoT), it always adopts to cloud for outsourced storage and computation. This integration of IoT with cloud has a row of unfamiliar security challenges for the data at rest. Cloud computing delivers highly scalable and flexible computing and storage resources on pay-per-use policy. Cloud computing services for computation and storage are getting increasingly popular and many organizations are now moving their data from in-house data centers to the Cloud Storage Providers (CSPs). Time varying workload and data intensive IoT applications are vulnerable to encounter challenges while using cloud computing services. Additionally, the encryption techniques and third-party auditors to maintain data integrity are still in their developing stage and therefore the data at rest is still a concern for IoT applications. In this paper, we perform an analysis study to investigate the challenges and strategies adapted by Cloud Computing to facilitate a safe transition of IoT applications to the Cloud.

A secure-enhanced scheme based on deoxyribonucleic acid (DNA) encoding encryption and probabilistic shaping (PS) is proposed. Experimental results verify the superiority of our proposed scheme in the achievement of security and power gain. © 2020 The Author(s).

Nowadays, Security is the biggest challenge in communication networks. Well defined security protocols not only solve the privacy and security issues but also help to reduce the implementation cost and simplify network's operation. Network society demands more reliable and secure network services as well as infrastructure. In communication networks, data theft, hacking, fraud, cyber warfare are serious security threats. Security as defined by experts is confirming protected communication amongst communication/computing systems and consumer applications in private and public networks, it is important for promising privacy, confidentiality, and protection of information. This paper highlights the security related issues and challenges in communication networks. We also present the holistic view for the underlaying physical layer including physical infrastructure attacks, jamming, interception, and eavesdropping. This research focused on improving the security measures and protocols in different communication networks.

Vehicular Ad-Hoc Networks (VANET) are liable to the Black, Worm and Gray Hole attacks because of the broadcast nature of the wireless medium and a lack of authority standards. Black Hole attack covers the situation when a malicious node uses its routing protocol in order to publicize itself for having the shortest route to the destination node. This aggressive node publicizes its availability of fresh routes regardless of checking its routing table. The consequences of these attacks could lead not only to the broken infrastructure, but could cause hammering people's lives. This paper aims to investigate and compare methods for preventing such types of attacks in a VANET.

Security is the basic topic for the normal operation of the power Internet of Things, and its growing scale determines the trend of dynamic deployment and flexible expansion in the future to meet the ever-changing needs. While large-scale networks have a high cost of hardware resources, so the security protection of the ubiquitous power Internet of Things must be lightweight. In this paper, we propose to build a platform of power Internet of things based on SDN (Software Defined Network) technology and extend the openflow protocol by adding some types of actions and meters to achieve the purpose of on-demand monitoring, dynamic defense and flexible response. To achieve the purpose of lightweight protection, we take advantage of DFI(Deep Flow Inspection) technology to collect and analyze traffic in the Internet of Things, and form a security prevention and control strategy model suitable for the power Internet of Things, without in-depth detection of payload and without the influence of ciphertext.

The need of more secured and environmental energy is becoming a necessity and priority in an environment suffering from serious problems due to technological development. Since the Smart Grid is a promising alternative that supports green energy and enhances a better management of electricity, the security side has became one of the major and critical associated issues in building the communication network in the microgrid.In this paper we will present the Smart Grid Cyber security challenges and propose a distributed algorithm that face one of the biggest problems threatening the smart grid which is fires.

With the rapid development of smart grids and the continuous deepening of informatization, while realizing remote telemetry and remote control of massive data-based grid operation, electricity information network security problems have become more serious and prominent. A method for electricity information network security situation prediction method based on improved deep belief network is proposed in this paper. Firstly, the affinity propagation clustering algorithm is used to determine the depth of the deep belief network and the number of hidden layer nodes based on sample parameters. Secondly, continuously adjust the scaling factor and crossover probability in the differential evolution algorithm according to the population similarity. Finally, a chaotic search method is used to perform a second search for the best individuals and similarity centers of each generation of the population. Simulation experiments show that the proposed algorithm not only enhances the generalization ability of electricity information network security situation prediction, but also has higher prediction accuracy.

With the improvement of people's living standards, more and more network users access the network, including a large number of infrastructure, these devices constitute the Internet of things(IoT). With the rapid expansion of devices in the IoT, the data transmission between the IoT has become more complex, and the security issues are facing greater challenges. SDN as a mature network architecture, its security has been affirmed by the industry, it separates the data layer from the control layer, thus greatly improving the security of the network. In this paper, we apply the SDN to the IoT, and propose a IoT network architecture based on SDN. In this architecture, we not only make use of the security features of SDN, but also deploy different security modules in each layer of SDN to integrate, analyze and plan various data through the IoT, which undoubtedly improves the security performance of the network. In the end, we give a comprehensive introduction to the system and verify its performance.

The aim of the study was to investigate the privacy and security of the user data on Twitter. For gathering the essential information, more than two million relevant tweets through the span of two years were used to conduct the study. In addition, we are classifying sentiment of Twitter data by exhibiting results of a machine learning by using the Naive Bayes algorithm. Although this algorithm is time consuming compared to the listing method yet can lead to effective estimation relatively. The tweets are extracted and pre-processed and then categorized them in neutral, negative and positive sentiments. By applying the chosen methodology, the study would end up in identifying the most effective mobile operating systems according to the sentiments of social media users. Additionally, the application of the algorithm needs to meet the privacy and security needs of Twitter users in order to optimize the use of social media intelligence. The approach will help in assessing the competitive intelligence of the Twitter data and the challenges in the form of privacy and- security of the user content and their contextual information simultaneously. The findings of the empirical research show that users are more concerned about the privacy and security of iOS compared to Android and Windows phone.

Cloud computing provides an appearing application for compelling vision in managing big-data files and responding queries over a distributed cloud platform. To overcome privacy revealing risks, sensitive documents and private data are usually stored in the clouds in a cipher-based manner. However, it is inefficient to search the data in traditional encryption systems. Searchable encryption is a useful cryptographic primitive to enable users to retrieve data in ciphertexts. However, the traditional searchable encryptions provide lower search efficiency and cannot carry out fuzzy multikeyword queries. To solve this issue, in this article, we propose a searchable encryption that supports privacy-preserving fuzzy multikeyword search (SE-PPFM) in cloud systems, which is built by asymmetric scalar-product-preserving encryptions and Hadamard product operations. In order to realize the functionality of efficient fuzzy searches, we employ Word2vec as the primitive of machine learning to obtain a fuzzy correlation score between encrypted data and queries predicates. We analyze and evaluate the performance in terms of token of multikeyword, retrieval and match time, file retrieval time and matching accuracy, etc. The experimental results show that our scheme can achieve a higher efficiency in fuzzy multikeyword ciphertext search and provide a higher accuracy in retrieving and matching procedure.

Existing logic-locking attacks are known to successfully decrypt functionally correct key of a locked combinational circuit. It is possible to extend these attacks to real-world Silicon-based Intellectual Properties (IPs, which are sequential circuits) through scan-chains by selectively initializing the combinational logic and analyzing the responses. In this paper, we propose SeqL, which achieves functional isolation and locks selective flip-flop functional-input/scan-output pairs, thus rendering the decrypted key functionally incorrect. We conduct a formal study of the scan-locking problem and demonstrate automating our proposed defense on any given IP. We show that SeqL hides functionally correct keys from the attacker, thereby increasing the likelihood of the decrypted key being functionally incorrect. When tested on pipelined combinational benchmarks (ISCAS, MCNC), sequential benchmarks (ITC) and a fully-fledged RISC-V CPU, SeqL gave 100% resilience to a broad range of state-of-the-art attacks including SAT [1], Double-DIP [2], HackTest [3], SMT [4], FALL [5], Shift-and-Leak [6] and Multi-cycle attacks [7].

Mobile Edge Computing may become a prevalent platform to support applications where mobile devices have limited compute, storage, energy and/or data privacy concerns. In this paper, we study the efficient provisioning and management of compute resources in the Edge-to-Cloud continuum for different types of real-time applications with timeliness requirements depending on application-level update rates and communication/compute delays. We begin by introducing a highly stylized network model allowing us to study the salient features of this problem including its sensitivity to compute vs. communication costs, application requirements, and traffic load variability. We then propose an online decentralized service placement algorithm, based on estimating network delays and adapting application update rates, which achieves high service availability. Our results exhibit how placement can be optimized and how a load-balancing strategy can achieve near-optimal service availability in large networks.

With the development of the Internet, the amount of information on the Internet is increasing rapidly, which makes it difficult for people to select the information they really want. A recommendation system is an effective way to solve this problem. Fake users can be injected by criminals to attack the recommendation system; therefore, accurate identification of fake users is a necessary feature of the recommendation system. Existing fake user detection algorithms focus on designing recognition methods for different types of attacks and have limited detection capabilities against unknown or hybrid attacks. The use of deep learning models can automate the extraction of false user scoring features, but neural network models are not applicable to discrete user scoring data. In this paper, random walking is used to rearrange the otherwise discrete user rating data into a rating feature matrix with spatial continuity. The rating data and the text data have some similarity in the distribution mode. By effective analogy, the TextCNN model originally used in NLP domain can be improved and applied to the classification task of rating feature matrix. Combining the ideas of random walking and word vector processing, this paper proposes a TextCNN detection model for user rating data. To verify the validity of the proposed model, the model is tested on MoiveLens dataset against 7 different attack detection algorithms, and exhibits better performance when compared with 4 attack detection algorithms. Especially for the Aop attack, the proposed model has nearly 100% detection performance with F1 - value as the evaluation index.

The construction of polar code refers to selecting K "most reliable polarizing channels" in N polarizing channels to WN(1)transmit information bits. For non-systematic polar code, Arikan proposed a method to measure the channel reliability for BEC channel, which is called Bhattacharyya Parameter method. The calculated complexity of this method is O(N) . In this paper, we find the complementarity of Bhattacharyya Parameter. According to the complementarity, the code construction under a certain channel condition can be quickly deduced from the complementary channel condition.

Intentional interference such as spoofing is an emerging threat to GPS receivers used in both civilian and defense applications. With the majority of smartphones relying on GPS for positioning and navigation, the vulnerability of these phones to spoofing attacks is an issue of security concern. In this paper, it is demonstrated that is easy to successfully spoof a smartphone using a simplistic spoofing technique. A spoofing signal is generated using open-source signal simulator and transmitted using a low-cost SDR. In view of the tremendously increasing usage of GPS enabled smartphones, it is necessary to develop suitable countermeasures for spoofing. This work carries significance as it would help in understanding the effects of spoofing at various levels of signal processing in the receiver and develop advanced spoofing detection and mitigation techniques.

The Internet of Things (IoT) integrates the Internet and electronic devices belonging to different domains, such as smart home automation, industrial processes, military applications, health, and environmental monitoring. Usually, IoT devices have limited resources and Low Power and Lossy Networks (LLNs) are being used to interconnect such devices. Routing Protocol for Low-Power and Lossy Networks (RPL) is one of the preferred routing protocols for this type of network, since it was specially developed for LLNs, also known as IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN). In this paper the most well-known routing attacks against 6LoWPAN networks were studied and implemented through simulation, conducting a behavioral analysis of network components (resources, topology, and data traffic) under attack condition. In order to achieve a better understanding on how attacks in 6LoWPAN work, we first conducted a study on 6LoWPAN networks and RPL protocol functioning. Furthermore, we also studied a series of well-known routing attacks against this type of Wireless Sensor Networks and these attacks were then simulated using Cooja simulator provided by Contiki operating system. The results obtained after the simulations are discussed along with other previous researches. This analysis may be of real interest when it comes to identify indicators of compromise for each type of attack and appropriate countermeasures for prevention and detection of these attacks.

This paper discusses and demonstrates the construction of a quantum modular exponentiation circuit in the Qiskit simulator for use in Shor's Algorithm for integer factorization problem (IFP), which is deemed to be able to crack RSA cryptosystems when a large-qubit quantum computer exists. We base our implementation on Vedral, Barenco, and Ekert (VBE) proposal of quantum modular exponentiation, one of the firsts to explicitly provide the aforementioned circuit. Furthermore, we present an example simulation of how to construct a 7xmod 15 circuit in a step-by-step manner, giving clear and detailed information and consideration that currently not provided in the existing literature, and present the whole circuit for use in Shor's Algorithm. Our present simulation shows that the 4-bit VBE quantum modular exponentiation circuit can be constructed, simulated, and measured in Qiskit, while the Shor's Algorithm incorporating this VBE approach itself can be constructed but not yet simulated due to an overly large number of QASM instructions.