Biblio

This paper describe most popular IoT protocols used for IoT embedded systems and research their advantage and disadvantage. Hardware stage used in this experiment is described in this article - it is used Esp32 and programming language C. It is very important to use corrected IoT protocol that is determines of purpose, hardware and software of system. There are so different IoT protocols, because they are cover vary requirements for vary cases.

Ultra-Reliable Low Latency Communications (URLLC) has been always a vital component of many industrial applications. The paper proposes a new wireless URLLC solution called RETIS, which is suitable for factory automation and fast process control applications, where low latency, low jitter, and high data exchange rates are mandatory. In the paper, we describe the communication protocol as well as the hardware structure of the network nodes for implementing the required functionality. Many techniques enabling fast, reliable wireless transmissions are used - short Transmission Time Interval (TTI), TimeDivision Multiple Access (TDMA), MIMO, optional duplicated data transfer, Forward Error Correction (FEC), ACK mechanism. Preliminary tests show that reliable endto-end latency down to 350 μs and packet exchange rate up to 4 kHz can be reached (using quadruple MIMO and standard IEEE 802.15.4 PHY at 250 kbit/s).

This research used an Autonomous Security Robot (ASR) scenario to examine public reactions to a robot that possesses the authority and capability to inflict harm on a human. Individual differences in terms of personality and Perfect Automation Schema (PAS) were examined as predictors of trust in the ASR. Participants (N=316) from Amazon Mechanical Turk (MTurk) rated their trust of the ASR and desire to use ASRs in public and military contexts following a 2-minute video depicting the robot interacting with three research confederates. The video showed the robot using force against one of the three confederates with a non-lethal device. Results demonstrated that individual differences factors were related to trust and desired use of the ASR. Agreeableness and both facets of the PAS (high expectations and all-or-none beliefs) demonstrated unique associations with trust using multiple regression techniques. Agreeableness, intellect, and high expectations were uniquely related to desired use for both public and military domains. This study showed that individual differences influence trust and one's desired use of ASRs, demonstrating that societal reactions to ASRs may be subject to variation among individuals.

Current FAA strategic objectives include a migration to Trajectory Based Operations (TBO) with the integration of time-based management data and tools to increase efficiencies and reduce operating costs within the National Airspace System (NAS). Under TBO, integration across various FAA systems will take on greater importance than ever. To ensure the security of this integration without impacting data and tool availability, the FAA should consider adopting a Zero Trust Framework (ZTF) into the NAS.ZTF was founded on the belief that strong boundary security protections alone (traditionally referred to as the castle-moat approach) were no longer adequate to protecting critical data from outside threats and, with ever-evolving threat sophistication, contamination within a network perimeter is assumed to already exist (see Figure 1).To address this, theorists developed a framework where trust is controlled and applied to all internal network devices, users, and applications in what was termed a "Never Trust; Always Verify" approach to distinguish the authorized from the unauthorized elements wanting to access network data.To secure achievement of TBO objectives and add defensive depth to counter potential insider threats, the FAA must consider implementing a hybrid approach to the ZTF theory. This would include continued use of existing boundary protections provided by the FAA Telecommunications Infrastructure (FTI) network, with the additional strength afforded by the application of ZTF, in what is called the NAS Zero Trust eXtended (ZTX) platform.This paper discusses a proposal to implement a hybrid ZTX approach to securing TBO infrastructure and applications in the NAS.

Accessing the secured data through the network is a major task in emerging technology. Data needs to be protected from the network vulnerabilities, malicious users, hackers, sniffers, intruders. The novel framework has been designed to provide high security in data transaction through computer network. The implant of network amalgamation in the recent trends, make the way in security enhancement in an efficient manner through the machine learning algorithm. In this system the usage of the biometric authenticity plays a vital role for unique approach. The novel mathematical approach is used in machine learning algorithms to solve these problems and provide the security enhancement. The result shows that the novel method has consistent improvement in enhancing the security of data transactions in the emerging technologies.

Journalists have long been the targets of both physical and cyber-attacks from well-resourced adversaries. Internet of Things (IoT) devices are arguably a new avenue of threat towards journalists through both targeted and generalised cyber-physical exploitation. This study comprises three parts: First, we interviewed 11 journalists and surveyed 5 further journalists, to determine the extent to which journalists perceive threats through the IoT, particularly via consumer IoT devices. Second, we surveyed 34 cyber security experts to establish if and how lay-people can combat IoT threats. Third, we compared these findings to assess journalists' knowledge of threats, and whether their protective mechanisms would be effective against experts' depictions and predictions of IoT threats. Our results indicate that journalists generally are unaware of IoT-related risks and are not adequately protecting themselves; this considers cases where they possess IoT devices, or where they enter IoT-enabled environments (e.g., at work or home). Expert recommendations spanned both immediate and longterm mitigation methods, including practical actions that are technical and socio-political in nature. However, all proposed individual mitigation methods are likely to be short-term solutions, with 26 of 34 (76.5%) of cyber security experts responding that within the next five years it will not be possible for the public to opt-out of interaction with the IoT.

Recognizing the need for proactive analysis of cyber adversary behavior, this paper presents a new event-driven simulation model and implementation to reveal the efforts needed by attackers who have various entry points into a network. Unlike previous models which focus on the impact of attackers' actions on the defender's infrastructure, this work focuses on the attackers' strategies and actions. By operating on a request-response session level, our model provides an abstraction of how the network infrastructure reacts to access credentials the adversary might have obtained through a variety of strategies. We present the current capabilities of the simulator by showing three variants of Bronze Butler APT on a network with different user access levels.

As modern web browsers gain new and increasingly powerful features the importance of impact assessments of the new functionality becomes crucial. A web privacy impact assessment of a planned web browser feature, the Ambient Light Sensor API, indicated risks arising from the exposure of overly precise information about the lighting conditions in the user environment. The analysis led to the demonstration of direct risks of leaks of user data, such as the list of visited websites or exfiltration of sensitive content across distinct browser contexts. Our work contributed to the creation of web standards leading to decisions by browser vendors (i.e. obsolescence, non-implementation or modification to the operation of browser features). We highlight the need to consider broad risks when making reviews of new features. We offer practically-driven high-level observations lying on the intersection of web security and privacy risk engineering and modeling, and standardization. We structure our work as a case study from activities spanning over three years.

With the rapid development of Internet technology, the era of big data is coming. SQL injection attack is the most common and the most dangerous threat to database. This paper studies the working mode and workflow of the GreenSQL database firewall. Based on the analysis of the characteristics and patterns of SQL injection attack command, the input model of GreenSQL learning is optimized by constructing the patterned input and optimized whitelist. The research method can improve the learning efficiency of GreenSQL and intercept samples in IPS mode, so as to effectively maintain the security of background database.

Physical unclonable functions(PUFs) are widely used as hardware root-of-trust to secure IoT devices, data and services. A PUF exploits inherent randomness introduced during manufacturing to give a unique digital fingerprint. Static Random-Access Memory (SRAM) based PUFs can be used as a mature technology for authentication. An SRAM with a number of SRAM cells gives an unrepeatable and random pattern of 0's and 1's during power on. As it is a unique pattern, it can be called as SRAM fingerprint and can be used as a PUF. The chance of producing more number of same values (either zero or one) is higher during power on. If a particular value present at almost all the cell during power on, it will lead to the dominance of either zero or one in the cryptographic key sequence. As the cryptographic key is generated by randomly taking address location of SRAM cells, (the subset of power on values of all the SRAM cells)the probability of occurring the same sequence most of the time is higher. In order to avoid that situation, SRAM should have to produce an equal number of zeros and ones during power on. SRAM PUF is implemented in Cadence Virtuoso tool. To generate equal zeros and ones during power on, variations can be done in the physical dimensions and to increase the stability body biasing can be effectively done.

Partitional Clustering Algorithm (PCA) on the Hadoop Distributed File System is to perform big data securities using the Perturbation Technique is the main idea of the proposed work. There are numerous clustering methods available that are used to categorize the information from the big data. PCA discovers the cluster based on the initial partition of the data. In this approach, it is possible to develop a security safeguarding of data that is impoverished to allow the calculations and communication. The performances were analyzed on Health Care database under the studies of various parameters like precision, accuracy, and F-score measure. The outcome of the results is to demonstrate that this method is used to decrease the complication in preserving privacy and better accuracy than that of the existing techniques.

The current study explored the influence of trust and distrust behaviors on performance, process, and purpose (trustworthiness) perceptions over time when participants were paired with a robot partner. We examined the changes in trustworthiness perceptions after trust violations and trust repair after those violations. Results indicated performance, process, and purpose perceptions were all affected by trust violations, but perceptions of process and purpose decreased more than performance following a distrust behavior. Similarly, trust repair was achieved in performance perceptions, but trust repair in perceived process and purpose was absent. When a trust violation occurred, process and purpose perceptions deteriorated and failed to recover from the violation. In addition, the trust violation resulted in untrustworthy perceptions of the robot. In contrast, trust violations decreased partner performance perceptions, and subsequent trust behaviors resulted in a trust repair. These findings suggest that people are more sensitive to distrust behaviors in their perceptions of process and purpose than they are in performance perceptions.

Today the integrity of digital documents and the authenticity of their origin is often hard to verify. Existing Public Key Infrastructures (PKIs) are capable of certifying digital identities but do not provide solutions to immutably store signatures, and the process of certification is often not transparent. In this work we propose Veritaa, a Distributed Public Key Infrastructure and Signature Store (DPKISS). The major innovation of Veritaa is the Graph of Trust, a directed graph that uses relations between identity claims to certify the identities and stores signed relations to digital document identifiers. The distributed architecture of Veritaa and the Graph of Trust enables a transparent certification process. To ensure non-repudiation and immutability of all actions that have been signed on the Graph of Trust, an application specific Distributed Ledger Technology (DLT) is used as secure storage. In this work a reference implementation of the proposed architecture was designed and implemented. Furthermore, a testbed was created and used for the evaluation of Veritaa. The evaluation of Veritaa shows the benefits and the high performance of the proposed architecture.

Trust is a critical issue in human-robot interactions (HRI) as it is the core of human desire to accept and use a non-human agent. Theory of Mind (ToM) has been defined as the ability to understand the beliefs and intentions of others that may differ from one's own. Evidences in psychology and HRI suggest that trust and ToM are interconnected and interdependent concepts, as the decision to trust another agent must depend on our own representation of this entity's actions, beliefs and intentions. However, very few works take ToM of the robot into consideration while studying trust in HRI. In this paper, we investigated whether the exposure to the ToM abilities of a robot could affect humans' trust towards the robot. To this end, participants played a Price Game with a humanoid robot (Pepper) that was presented having either low-level ToM or high-level ToM. Specifically, the participants were asked to accept the price evaluations on common objects presented by the robot. The willingness of the participants to change their own price judgement of the objects (i.e., accept the price the robot suggested) was used as the main measurement of the trust towards the robot. Our experimental results showed that robots possessing a high-level of ToM abilities were trusted more than the robots presented with low-level ToM skills.

Vehicle-to-vehicle (V2V) communication systems are currently being prepared for real-world deployment, but they face strong opposition over privacy concerns. Position beacon messages are the main culprit, being broadcast in cleartext and pseudonymously signed up to 10 times per second. So far, no practical solutions have been proposed to encrypt or anonymously authenticate V2V messages. We propose two cryptographic innovations that enhance the privacy of V2V communication. As a core contribution, we introduce zone-encryption schemes, where vehicles generate and authentically distribute encryption keys associated to static geographic zones close to their location. Zone encryption provides security against eavesdropping, and, combined with a suitable anonymous authentication scheme, ensures that messages can only be sent by genuine vehicles, while adding only 224 Bytes of cryptographic overhead to each message. Our second contribution is an authentication mechanism fine-tuned to the needs of V2V which allows vehicles to authentically distribute keys, and is called dynamic group signatures with attributes. Our instantiation features unlimited locally generated pseudonyms, negligible credential download-and-storage costs, identity recovery by a trusted authority, and compact signatures of 216 Bytes at a 128-bit security level.

With self-driving cars making their way on to our roads, we ask not what it would take for them to gain acceptance among consumers, but what impact they may have on other drivers. How they will be perceived and whether they will be trusted will likely have a major effect on traffic flow and vehicular safety. This work first undertakes an exploratory factor analysis to validate a trust scale for human-robot interaction and shows how previously validated metrics and general trust theory support a more complete model of trust that has increased applicability in the driving domain. We experimentally test this expanded model in the context of human-automation interaction during simulated driving, revealing how using these dimensions uncovers significant biases within human-robot trust that may have particularly deleterious effects when it comes to sharing our future roads with automated vehicles.

With the popularity of Internet applications and rapid development, data using and sharing process may lead to the sensitive information divulgence. To deal with the privacy protection issue more effectively, in this paper, we propose the associated data sets protection model based on game theory from the point of view of realizing benefits from the access of privacy is about happen, quantify the extent to which visitors gain sensitive information, then compares the tolerance of the sensitive information owner and finally decides whether to allow the visitor to make an access request.

Static analysis tools are programs that run on source code prior to their compilation to binary executables and attempt to find flaws or defects in the code during the early stages of development. If left unresolved, these flaws could pose security risks. While numerous static analysis tools exist, there is no single tool that is optimal. Therefore, many static analysis tools are often used to analyze code. Further, some of the alerts generated by the static analysis tools are low-priority or false alarms. Machine learning algorithms have been developed to distinguish between true alerts and false alarms, however significant man hours need to be dedicated to labeling data sets for training. This study investigates the use of active learning to reduce the number of labeled alerts needed to adequately train a classifier. The numerical experiments demonstrate that a query by committee active learning algorithm can be utilized to significantly reduce the number of labeled alerts needed to achieve similar performance as a classifier trained on a data set of nearly 60,000 labeled alerts.

Incident prioritization is nowadays a part of many approaches and tools for network security and risk management. However, the dynamic nature of the problem domain is often unaccounted for. That is, the prioritization is typically based on a set of static calculations, which are rarely adjusted. As a result, incidents are incorrectly prioritized, leading to an increased and misplaced effort in the incident response. A higher degree of automation could help to address this problem. In this paper, we explicitly consider flaws in the prioritization an unalterable circumstance. We propose an adaptive incident prioritization, which allows to automate certain tasks for the prioritization model management in order to continuously assess and improve a prioritization model. At the same time, we acknowledge the human analyst as the focal point and propose to keep the human in the loop, among others by treating understandability as a crucial requirement.

Large scale cloud networks consist of distributed networking and computing elements that process critical information and thus security is a key requirement for any environment. Unfortunately, assessing the security state of such networks is a challenging task and the tools used in the past by security experts such as packet filtering, firewall, Intrusion Detection Systems (IDS) etc., provide a reactive security mechanism. In this paper, we introduce a Moving Target Defense (MTD) based proactive security framework for monitoring attacks which lets us identify and reason about multi-stage attacks that target software vulnerabilities present in a cloud network. We formulate the multi-stage attack scenario as a two-player zero-sum Markov Game (between the attacker and the network administrator) on attack graphs. The rewards and transition probabilities are obtained by leveraging the expert knowledge present in the Common Vulnerability Scoring System (CVSS). Our framework identifies an attacker's optimal policy and places countermeasures to ensure that this attack policy is always detected, thus forcing the attacker to use a sub-optimal policy with higher cost.

Present networks within safety-critical systems rely on complex and inflexible network configurations. New technologies such as software-defined networking are more dynamic and offer more flexibility, but due care needs to be exercised to ensure that safety and security are not compromised by incorrect configurations. To this end, this paper proposes the use of pre-generated and optimized configuration templates. These provide alternate routes for traffic considering availability, resilience and timing constraints where network components fail due to attacks or faults.To obtain these templates, two heuristics based on Dijkstra's algorithm and an optimization algorithm providing the maximum resilience were investigated. While the configurations obtained through optimization yield appropriate templates, the heuristics investigated are not suitable to obtain configuration templates, since they cannot fulfill all requirements.

XSS is one of the common vulnerabilities in web applications. Many black-box testing tools may collect a large number of payloads and traverse them to find a payload that can be successfully injected, but they are not very efficient. And previous research has paid less attention to how to improve the efficiency of black-box testing to detect XSS vulnerability. To improve the efficiency of testing, we develop an XSS testing tool. It collects 6128 payloads and uses a headless browser to detect XSS vulnerability. The tool can discover XSS vulnerability quickly with the ART(Adaptive Random Testing) method. We conduct an experiment using 3 extensively adopted open source vulnerable benchmarks and 2 actual websites to evaluate the ART method. The experimental results indicate that the ART method can effectively improve the fuzzing method by more than 27.1% in reducing the number of attempts before accomplishing a successful injection.

In the Network on Chip (NoC), performance optimization has always been a research focus. Compared with the static routing scheme, dynamical routing schemes can better reduce the data of packet transmission latency under network congestion. In this paper, we propose a dynamical Q-learning routing approach with real-time monitoring of NoC. Firstly, we design a real-time monitoring scheme and the corresponding circuits to record the status of traffic congestion for NoC. Secondly, we propose a novel method of Q-learning. This method finds an optimal path based on the lowest traffic congestion. Finally, we dynamically redistribute network tasks to increase the packet transmission speed and balance the traffic load. Compared with the C-XY routing and DyXY routing, our method achieved improvement in terms of 25.6%-49.5% and 22.9%-43.8%.

The massive adoption of mobile devices by both individuals and companies is raising many security concerns. The fact that such devices are handling sensitive data makes them a target for attackers. Many attack prevention mechanisms are deployed with a last line of defense that focuses on the containment principle. Currently, iOS treats each 3rd party application alike which may lead to security flaws. We propose a framework in which each application has a custom sandboxed environment. We investigated the current confinement architecture used by Apple and built a solution on top of it.

Cyber-physical systems are characterized by strong interactions between their physical and computation parts. The increasing complexity of such systems, now used in numerous application domains (e.g., aeronautics, healthcare), in conjunction with hard to predict surrounding environments or the use of non-traditional middleware and with the presence of non-deterministic or non-explainable software outputs, tend to make traditional Verification and Validation (V&V) techniques ineffective. This paper presents the H2020 ADVANCE project, which aims precisely at addressing the Verification and Validation challenges that the next-generation of cyber-physical systems bring, by exploring techniques, methods and tools for achieving the technical objective of improving the overall efficiency and effectiveness of the V&V process. From a strategic perspective, the goal of the project is to create an international network of expertise on the topic of V&V of cyber-physical systems.