Biblio

This paper describes a system that comprises of control, safety and security subsystem for industries and homes. The entire system is based on the Bolt IoT platform. Using this system, the user can control the devices such as LEDs, speed of the fan or DC motor, monitor the temperature of the premises with an alert sub-system for critical temperatures through SMS and call, monitor the presence of anyone inside the premises with an alert sub-system about any intrusion through SMS and call. If the system is used specifically in any industry then instead of monitoring the temperature any other physical quantity, which is critical for that industry, can be monitored using suitable sensors. In addition, the cloud connectivity is provided to the system using the Bolt IoT module and temperature data is sent to the cloud where using machine-learning algorithm the future temperature is predicted to avoid any accidents in the future.

Wireless network is an alternative communication to cable, where radio wave is used as transmission media instead of copper medium. However, wireless network more vulnerable to risk in security compared to cable network. Wireless network mostly used by Internet of Things node as communication media between nodes. Hence, these nodes exposed to risk of flooding attack from third party person. Hence, a system which capability to detect flooding attack at IoT node is required. Many researches have been done before, but most of the research only focus to IPv4 and signature-based detection. IPv6-based attacks undetectable by the current research, due to different datagram structure. This paper proposed a conceptual detection method with reinforcement learning algorithm to detect IPv6-based attack targeting IoT nodes. This reward will decide whether the detection system is good or not. The assessment calculation equation is used to turn reward-based score into detection accuracy.

Local flexibility markets are a concept to integrate distributed flexibilities such as power-to-gas, power-to-heat systems, electric vehicles, and battery storage systems into congestion management of distribution and transmission grids. However, the activation of the flexibility of storage systems changes their state-of-charge and thus reduces their available flexibility. Counter-trading or compensation of activated flexibility in later points of time lets storage operators regain flexibility. However, this compensation might create or amplify congestions when not supervised by system operators. Therefore, we propose the inclusion of compensation within the flexibility market clearing process by system operators. We further develop a linear formulation of flexibility market bids by storage systems that takes the need for compensation into account. For this, first, the operational planning formulation of a storage system is expanded by flexibility market participation. Subsequently, the linear formulation of bids is derived and demonstrated.

This study proposes a machine learning method based on stream homomorphic encryption computing for improving security and reducing computational time. A case study of mobile positioning based on k nearest neighbors ( kNN) is selected to evaluate the proposed method. The results showed the proposed method can save computational resources than others.

Energy security program which becomes the part of energy management must ensure the high reliability of the electric power transmission system so that the customer can be served very well. However, there are several problems that can hinder reliability achievement such as the long duration of fault recovery. On the other side, the prediction of fault recovery duration becomes a very challenging task. Because there are still few machine learning-based solution offer this paper proposes a machine learning-based strategy by using Naive-Bayes Classifier (NBC) and Support Vector Machine (SVM) in predicting the fault recovery duration class. The dataset contains 3398 rows of non-temporary-fault type records, six input features (Substation, Asset Type, Fault Category, Outage Start Time, Outage Day, and Outage Month) and single target feature (Fault Recovery Duration). According to the performance test result, those two methods reach around 97-99% of accuracy, average sensitivity, and average specificity. In addition, one of the advantages obtained in field of fault recovery prediction is increasing the accuracy of likelihood level calculation of the long fault recovery time risk.

A modular static analysis decomposes a program's analysis into analyses of its parts, or components. An intercomponent analysis instructs an intra-component analysis to analyse each component independently of the others. Additional analyses are scheduled for newly discovered components, and for dependent components that need to account for newly discovered component information. Modular static analyses are scalable, can be tuned to a high precision, and support the analysis of programs that are highly dynamic, featuring e.g., higher-order functions or dynamically allocated processes.In this paper, we present the engineering aspects of MAF, a static analysis framework for implementing modular analyses for higher-order languages. For any such modular analysis, the framework provides a reusable inter-component analysis and it suffices to implement its intra-component analysis. The intracomponent analysis can be composed from several interdependent and reusable Scala traits. This design facilitates changing the analysed language, as well as the analysis precision with minimal effort. We illustrate the use of MAF through its instantiation for several different analyses of Scheme programs.

Recent advances in web technology have made in-browser crypto-mining a viable funding model. However, these services have been abused to launch large-scale cryptojacking attacks to secretly mine cryptocurrency in browsers. To detect them, various signature-based or runtime feature-based methods have been proposed. However, they can be imprecise or easily circumvented. To this end, we propose MinerRay, a generic scheme to detect malicious in-browser cryptominers. Instead of leveraging unreliable external patterns, MinerRay infers the essence of cryptomining behaviors that differentiate mining from common browser activities in both WebAssembly and JavaScript contexts. Additionally, to detect stealthy mining activities without user consents, MinerRay checks if the miner can only be instantiated from user actions. MinerRay was evaluated on over 1 million websites. It detected cryptominers on 901 websites, where 885 secretly start mining without user consent. Besides, we compared MinerRay with five state-of-the-art signature-based or behavior-based cryptominer detectors (MineSweeper, CMTracker, Outguard, No Coin, and minerBlock). We observed that emerging miners with new signatures or new services were detected by MinerRay but missed by others. The results show that our proposed technique is effective and robust in detecting evolving cryptominers, yielding more true positives, and fewer errors.

With the spread of information technology in human life, data protection is a critical task. On the other hand, malicious programs are developed, which can manipulate sensitive and critical data and restrict access to this data. Ransomware is an example of such a malicious program that encrypts data, restricts users' access to the system or their data, and then request a ransom payment. Many types of research have been proposed for ransomware detection. Most of these methods attempt to identify ransomware by relying on program behavior during execution. The main weakness of these methods is that it is not clear how long the program should be monitored to show its real behavior. Therefore, sometimes, these researches cannot early detect ransomware. In this paper, a new method for ransomware detection is proposed that does not require running the program and uses the PE header of the executable files. To extract effective features from the PE header files, an image based on PE header is constructed. Then, according to the advantages of Convolutional Neural Networks in extracting features from images and classifying them, CNN is used. The proposed method achieves 93.33% accuracy. Our results indicate the usefulness and practicality method for ransomware detection.

Existing Lipschitz-based provable defences to adversarial examples only cover the L2 threat model. We introduce the first bound that makes use of Lipschitz continuity to provide a more general guarantee for threat models based on any Lp norm. Additionally, a new strategy is proposed for designing network architectures that exhibit superior provable adversarial robustness over conventional convolutional neural networks. Experiments are conducted to validate our theoretical contributions, show that the assumptions made during the design of our novel architecture hold in practice, and quantify the empirical robustness of several Lipschitz-based adversarial defence methods.

This paper presents an overhead analysis of the use of digital signature mechanisms in the Message Queue Telemetry Transport (MQTT) protocol for three classes of constrained-device. Because the resources provided by constrained-devices are very limited, the purpose of this overhead analysis is to help find out the advantages and disadvantages of each class of constrained-devices after a security mechanism has been applied, namely by applying a digital signature mechanism. The objective of using this digital signature mechanism is for providing integrity, that if the payload sent and received in its destination is still original and not changed during the transmission process. The overhead analysis aspects performed are including analyzing decryption time, signature verification performance, message delivery time, memory and flash usage in the three classes of constrained-device. Based on the overhead analysis result, it can be seen that for decryption time and signature verification performance, the Class-2 device is the fastest one. For message delivery time, the smallest time needed for receiving the payload is Class-l device. For memory usage, the Class-2 device is providing the biggest available memory and flash.

The new switching architecture of the neural networks was proposed. The switching neural networks consist of the neurons and the switchers. The goal is to reduce expenses on the artificial neural network design and training. For realization of complex models, algorithms and methods of management the neural networks of the big size are required. The number of the interconnection links “everyone with everyone” grows with the number of neurons. The training of big neural networks requires the resources of supercomputers. Time of training of neural networks also depends on the number of neurons in the network. Switching neural networks are divided into fragments connected by the switchers. Training of switcher neuron network is provided by fragments. On the basis of switching neural networks the devices of associative memory were designed with the number of neurons comparable to the human brain.

The successful realization of the climate goals agreed upon in the European Union's COP21 commitments makes a fundamental change of the European energy system necessary. In particular, for a reduction of greenhouse gas emissions over 80%, the use of renewable energies must be increased not only in the electricity sector but also across all energy sectors, such as heat and mobility. Furthermore, a progressive integration of renewable energies increases the risk of congestions in the transmission grid and makes network expansion necessary. An efficient planning for future energy systems must comprise the coupling of energy sectors as well as interdependencies of generation and transmission grid infrastructure. However, in traditional energy system planning, these aspects are considered as decoupled. Therefore, the project PlaMES develops an approach for integrated planning of multi-energy systems on a European scale. This paper aims at analyzing the model requirements and describing the modeling approach.

At present, our life is almost inseparable from the network, the network provides a lot of convenience for our life. However, a variety of network security incidents occur very frequently. In recent years, with the continuous development of neural network technology, more and more researchers have applied neural network to intrusion detection, which has developed into a new research direction in intrusion detection. As long as the neural network is provided with input data including network data packets, through the process of self-learning, the neural network can separate abnormal data features and effectively detect abnormal data. Therefore, the article innovatively proposes an intrusion detection method based on deep convolutional neural networks (CNN), which is used to test on public data sets. The results show that the model has a higher accuracy rate and a lower false negative rate than traditional intrusion detection methods.

The papers in this special section focus on resilient control in large-scae networked cyber-physical systems. These papers deal with the opportunities offered by these emerging technologies to mitigate undesired phenomena arising when intentional jamming and false data injections, categorized as cyber-attacks, infer communication channels. Recent advances in sensing, communication and computing have open the door to the deployment of largescale networks of sensors and actuators that allow fine-grain monitoring and control of a multitude of physical processes and infrastructures. The appellation used by field experts for these paradigms is Cyber-Physical Systems (CPS) because the dynamics among computers, networking media/resources and physical systems interact in a way that multi-disciplinary technologies (embedded systems, computers, communications and controls) are required to accomplish prescribed missions. Moreover, they are expected to play a significant role in the design and development of future engineering applications such as smart grids, transportation systems, nuclear plants and smart factories.

A common technique for building ICT systems is to build them as successive layers of bstraction: for instance, the Instruction Set Architecture (ISA) is an abstraction of the hardware, and compilers or interpreters build higher level abstractions on top of the ISA.The functionality of an ICT application can often be understood by considering only a single level of abstraction. For instance the source code of the application defines the functionality using the level of abstraction of the source programming language. Functionality can be well understood by just studying this source code.Many important security issues in ICT system however are cross-layer issues: they can not be understood by considering the system at a single level of abstraction, but they require understanding how multiple levels of abstraction are implemented. Attacks may rely on, or exploit, implementation details of one or more layers below the source code level of abstraction.The purpose of this paper is to illustrate this cross-layer nature of security by discussing old and new examples of cross-layer security issues, and by providing a classification of these issues.

The facial recognition time by time takes more importance, due to the extend kind of applications it has, but it is still challenging when faces big variations in the characteristics of the biometric data used in the process and especially referring to the transportation of information through the internet in the internet of things context. Based on the systematic review and rigorous study that supports the extraction of the most relevant information on this topic [1], a software architecture proposal which contains basic security requirements necessary for the treatment of the data involved in the application of facial recognition techniques, oriented to an IoT environment was generated. Concluding that the security and privacy considerations of the information registered in IoT devices represent a challenge and it is a priority to be able to guarantee that the data circulating on the network are only accessible to the user that was designed for this.

Software quality evolution and predictive models to support decisions about resource distribution in software quality assurance tasks are an important part of software engineering research. Recently, a fine-grained just-in-time defect prediction approach was proposed which has the ability to find bug-inducing files within changes instead of only complete changes. In this work, we utilize this approach and improve it in multiple places: data collection, labeling and features. We include manually validated issue types, an improved SZZ algorithm which discards comments, whitespaces and refactorings. Additionally, we include static source code metrics as well as static analysis warnings and warning density derived metrics as features. To assess whether we can save cost we incorporate a specialized defect prediction cost model. To evaluate our proposed improvements of the fine-grained just-in-time defect prediction approach we conduct a case study that encompasses 38 Java projects, 492,241 file changes in 73,598 commits and spans 15 years. We find that static source code metrics and static analysis warnings are correlated with bugs and that they can improve the quality and cost saving potential of just-in-time defect prediction models.

Although function model has been widely applied to develop various operator decision support systems, the modeling process is essentially a manual work, which takes significant efforts on knowledge acquisition. It would greatly improve the efficiency of modeling if relevant information can be automatically retrieved from engineering documents. This paper investigates the possibility of automated transformation from P&IDs to a function model called MFM via AutomationML. Semantics and modeling patterns of MFM are established in AutomationML, which can be utilized to convert plant topology models into MFM models. The proposed approach is demonstrated with a small use case. Further topics for extending the study are also discussed.

In this paper, a new intrusion detection mechanism is proposed based on Trust and Packet Loss Rate at Sensor Node in WSNs. To find the true malicious nodes, the proposed mechanism performs a deep analysis on the packet loss. Two independent metrics such as buffer capacity metric and residual energy metric are considered for packet loss rate evaluation. Further, the trust evaluation also considers the basic communication interactions between sensor nodes. Based on these three metrics, a new composite metric called Packet Forwarding Probability (PFP) is derived through which the malicious nodes are identified. Simulation experiments are conducted over the proposed mechanism and the performance is evaluated through False Positive Rate (FPR) and Malicious Detection Rate (MDR). The results declare that the proposed mechanism achieves a better performance compared to the conventional approaches.

RPL, the IPv6 Routing Protocol for low-power and lossy networks, was standardized by the Internet Engineering Task Force (IETF) in 2011. It is developed to connect resource constrained devices enabled by low-power and lossy networks (LLNs). RPL prominently becomes the routing protocol for IoT. However, the RPL protocol is facing many challenges such as trustworthiness among the nodes which need to be addressed and resolved to make the network secure and efficient. In this paper, a multicasting technique is developed that is based on trust mechanism to resolve this issue. This mechanism manages and protects the network from untrusted nodes which can hamper the security and result in delayed and distorted transmission of data. It allows any node to decide whether to trust other nodes or not during the construction of the topology. This is then proved efficient by comparing it with broadcasting nature of the transmission among the nodes in terms of energy, throughput, percentage of alive and dead nodes.

Dynamic strain sensing is necessary for high-temperature harsh-environment applications, including powerplants, oil wells, aerospace, and metal manufacturing. Monitoring dynamic strain is important for structural health monitoring and condition-based maintenance in order to guarantee safety, increase process efficiency, and reduce operation and maintenance costs. Sensing in high-temperature (HT), harsh-environments (HE) comes with challenges including mounting and packaging, sensor stability, and data acquisition and processing. Wireless sensor operation at HT is desirable because it reduces the complexity of the sensor connection, increases reliability, and reduces costs. Surface acoustic wave resonators (SAWRs) are compact, can operate wirelessly and battery-free, and have been shown to operate above 1000°C, making them a potential option for HT HE dynamic strain sensing. This paper presents wirelessly interrogated SAWR dynamic strain sensors operating around 288.8MHz at room temperature and tested up to 400°C. The SAWRs were calibrated with a high-temperature wired commercial strain gauge. The sensors were mounted onto a tapered-type Inconel constant stress beam and the assembly was tested inside a box furnace. The SAWR sensitivity to dynamic strain excitation at 25°C, 100°C, and 400°C was .439 μV/με, 0.363μV/με, and .136 μV/με, respectively. The experimental outcomes verified that inductive coupled wirelessly interrogated SAWRs can be successfully used for dynamic strain sensing up to 400°C.

This article describes attacks methods, vectors and technics used by threat actors during pandemic situations in the world. Identifies common targets of threat actors and cyber-attack tactics. The article analyzes cybersecurity challenges and specifies possible solutions and improvements in cybersecurity. Defines cybersecurity controls, which should be taken against analyzed attack vectors.

This paper describes the development of a module for calculating security zones in the cloud service of APCS modeling. A mathematical model based on graph theory is used. This allows you to describe access relationships between objects and security policy subjects. A comparative analysis of algorithms for traversing graph vertices is performed in order to select a suitable method for allocating security zones. The implemented algorithm for calculating security zones was added to the cloud service omole.ws.

To reduce cost and ease maintenance, industrial control systems (ICS) have adopted Ethernetbased interconnections that integrate operational technology (OT) systems with information technology (IT) networks. This integration has made these critical systems vulnerable to attack. Security solutions tailored to ICS environments are an active area of research. Anomalybased network intrusion detection systems are well-suited for these environments. Often these systems must be optimized for their specific environment. In prior work, we introduced a method for assessing the impact of various anomaly-based network IDS settings on security. This paper reviews the experimental outcomes when we applied our method to a full-scale ICS test bed using actual attacks. Our method provides new and valuable data to operators enabling more informed decisions about IDS configurations.

Hardening is the process of configuring IT systems to ensure the security of the systems' components and data they process or store. The complexity of contemporary IT infrastructures, however, renders manual security hardening and maintenance a daunting task. In many organizations, security-configuration guides expressed in the SCAP (Security Content Automation Protocol) are used as a basis for hardening, but these guides by themselves provide no means for automatically implementing the required configurations. In this paper, we propose an approach to automatically extract the relevant information from publicly available security-configuration guides for Windows operating systems using natural language processing. In a second step, the extracted information is verified using the information of available settings stored in the Windows Administrative Template files, in which the majority of Windows configuration settings is defined. We show that our implementation of this approach can extract and implement 83% of the rules without any manual effort and 96% with minimal manual effort. Furthermore, we conduct a study with 12 state-of-the-art guides consisting of 2014 rules with automatic checks and show that our tooling can implement at least 97% of them correctly. We have thus significantly reduced the effort of securing systems based on existing security-configuration guides. In many organizations, security-configuration guides expressed in the SCAP (Security Content Automation Protocol) are used as a basis for hardening, but these guides by themselves provide no means for automatically implementing the required configurations. In this paper, we propose an approach to automatically extract the relevant information from publicly available security-configuration guides for Windows operating systems using natural language processing. In a second step, the extracted information is verified using the information of available settings stored in the Windows Administrative Template files, in which the majority of Windows configuration settings is defined. We show that our implementation of this approach can extract and implement 83% of the rules without any manual effort and 96% with minimal manual effort. Furthermore, we conduct a study with 12 state-of-the-art guides consisting of 2014 rules with automatic checks and show that our tooling can implement at least 97% of them correctly. We have thus significantly reduced the effort of securing systems based on existing security-configuration guides. In this paper, we propose an approach to automatically extract the relevant information from publicly available security-configuration guides for Windows operating systems using natural language processing. In a second step, the extracted information is verified using the information of available settings stored in the Windows Administrative Template files, in which the majority of Windows configuration settings is defined. We show that our implementation of this approach can extract and implement 83% of the rules without any manual effort and 96% with minimal manual effort. Furthermore, we conduct a study with 12 state-of-the-art guides consisting of 2014 rules with automatic checks and show that our tooling can implement at least 97% of them correctly. We have thus significantly reduced the effort of securing systems based on existing security-configuration guides. We show that our implementation of this approach can extract and implement 83% of the rules without any manual effort and 96% with minimal manual effort. Furthermore, we conduct a study with 12 state-of-the-art guides consisting of 2014 rules with automatic checks and show that our tooling can implement at least 97% of them correctly. We have thus significantly reduced the effort of securing systems based on existing security-configuration guides.