Biblio

In view of the problems that the existing power grid risk assessment mainly depends on the data fusion of decision-making level, which has strong subjectivity and less effective information, this paper proposes a risk assessment method of microgrid system based on random matrix theory. Firstly, the time series data of multiple sensors are constructed into a high-dimensional matrix according to the different parameter types and nodes; Then, based on random matrix theory and sliding time window processing, the average spectral radius sequence is calculated to characterize the state of microgrid system. Finally, an example is given to verify the effectiveness of the method.

In this paper, a novel method is proposed to assess the power system resilience considering the impacts of hurricanes. Firstly, the transmission line outage model correlated to wind speed is developed. Then, Probability Load Flow (PLF) considering the random outage of lines and the variation of loads is designed, and Latin Hypercube Sampling (LHS) is used to improve the efficiency of Monte Carlo Simulation (MCS) in solving PLF. Moreover, risk indices, including line overloading, node voltage exceeding limit, load shedding and system collapse, are established to assess the resilience of power systems during hurricanes. The method is tested with a modified IEEE 14-bus system, and simulation results indicate the effectiveness of the proposed approach.

This publication deals with the robust attitude stabilization of a quadrotor subject to stealthy actuator attacks. Based first on the nonlinear model of the system, the sector non-linearity approach will be applied in order to deduce a polytopic Takagi-sugeno model. In parallel, a polytopic fuzzy T-S modeling of the data-deception malicious attacks (time-varying parameters) is presented. After some mathematical development, it will be shown that our original nonlinear system subject to stealthy actuator attacks can be represented as an uncertain polytopic T-S system. Based on this latest model, basic concepts for attitude stabilization will be used to implement the control law. The stabilization conditions will be given in terms of Linear Matrix Inequalities (LMIs) deduced from a classical Lyapunov approach. In order to highlight the efficiency of the proposed approach, simulation results will be given.

This paper proposes a Mobile IoT optimization method for Next-Generation networks by evaluating a series of named-based techniques implemented in Information-Centric Networking (ICN). The idea is based on the possibility to have a more suitable naming and forwarding mechanism to be implemented in IoT. The main advantage of the method is in achieving a higher success packet rate and data rate by following the proposed technique even when the device is mobile / roaming around. The proposed technique is utilizing a root prefix naming which allows faster process and dynamic increase for content waiting time in Pending Interest Table (PIT). To test the idea, a simulation is carried out by mimicking how IoT can be implemented, especially in smart cities, where a user can also travel and not be static. Results show that the proposed technique can achieve up to a 13% interest success rate and an 18.7% data rate increase compared to the well-known implementation algorithms. The findings allow for possible further cooperation of data security factors and ensuring energy reduction through leveraging more processes at the edge node.

This paper provides an in-depth analysis of Android malware that bypassed the strictest defenses of the Google Play application store and penetrated the official Android market between January 2016 and July 2021. We systematically identified 1,238 such malicious applications, grouped them into 134 families, and manually analyzed one application from 105 distinct families. During our manual analysis, we identified malicious payloads the applications execute, conditions guarding execution of the payloads, hiding techniques applications employ to evade detection by the user, and other implementation-level properties relevant for automated malware detection. As most applications in our dataset contain multiple payloads, each triggered via its own complex activation logic, we also contribute a graph-based representation showing activation paths for all application payloads in form of a control- and data-flow graph. Furthermore, we discuss the capabilities of existing malware detection tools, put them in context of the properties observed in the analyzed malware, and identify gaps and future research directions. We believe that our detailed analysis of the recent, evasive malware will be of interest to researchers and practitioners and will help further improve malware detection tools.

SaaS is a cloud-based application service that allows users to use applications that work in a cloud environment. SaaS is a subscription type, and the service expenditure varies depending on the license, the number of users, and duration of use. For efficient network management, security and cost management, accurate detection of user behavior for SaaS applications is required. In this paper, we propose a rule-based traffic analysis method for the user behavior detection. We conduct comparative experiments with signature-based method by using the real SaaS application and demonstrate the validity of the proposed method.

Soft real-time applications, including multimedia, gaming, and smart appliances, rely on specific architectural characteristics to deliver output in a time-constrained fashion. Any violation of application deadlines can lower the Quality-of-Service (QoS). The data sets associated with these applications are distributed over cores that communicate via Network-on-Chip (NoC) in multi-core systems. Accordingly, the response time of such applications depends on the worst-case latency of request/reply packets. A malicious implant such as Hardware Trojan (HT) that initiates a delay-of-service attack can tamper with the system performance. We model an HT that mounts a time-delay attack in the system by violating the path selection strategy used by the adaptive NoC router. Our analysis shows that once activated, the proposed HT increases the packet latency by 17% and degrades the system performance (IPC) by 18% over the Baseline. Furthermore, we propose an HT detection framework that uses packet traffic analysis and path monitoring to localise the HT. Experiment results show that the proposed detection framework exhibits 4.8% less power consumption and 6.4% less area than the existing technique.

Having high safety and effective computational property, the elliptic curve cryptosystem is very suitable for embedded mobile environment with resource constraints. Power attack is a powerful cipher attack method, it uses leaking information of cipher-chip in its operation process to attack chip cryptographic algorithms. In view of the situation that the power attack on the elliptic curve cryptosystem mainly concentrates on scalar multiplication operation an improved algorithm FWNAF based on RWNAF is proposed. This algorithm utilizes the fragments window technology further improves the utilization ratio of the storage resource and reduces the “jitter phenomenon” in system computing performance caused by the sharp change in system resources.

Encryption defined as change information process (which called plaintext) into an unreadable secret format (which called ciphertext). This ciphertext could not be easily understood by somebody except authorized parson. Decryption is the process to converting ciphertext back into plaintext. Deoxyribonucleic Acid (DNA) based information ciphering techniques recently used in large number of encryption algorithms. DNA used as data carrier and the modern biological technology is used as implementation tool. New encryption algorithm based on DNA is proposed in this paper. The suggested approach consists of three steps (conventional, stream cipher and DNA) to get high security levels. The character was replaced by shifting depend character location in conventional step, convert to ASCII and AddRoundKey was used in stream cipher step. The result from second step converted to DNA then applying AddRoundKey with DNA key. The evaluation performance results proved that the proposed algorithm cipher the important data with high security levels.

The widespread adoption of eCommerce, iBanking, and eGovernment institutions has resulted in an exponential rise in the use of web applications. Due to a large number of users, web applications have become a prime target of cybercriminals who want to steal Personally Identifiable Information (PII) and disrupt business activities. Hence, there is a dire need to audit the websites and ensure information security. In this regard, several web vulnerability scanners are employed for vulnerability assessment of web applications but attacks are still increasing day by day. Therefore, a considerable amount of research has been carried out to measure the effectiveness and limitations of the publicly available web scanners. It is identified that most of the publicly available scanners possess weaknesses and do not generate desired results. In this paper, the evaluation of publicly available web vulnerability scanners is performed against the top ten OWASP11OWASP® The Open Web Application Security Project (OWASP) is an online community that produces comprehensive articles, documentation, methodologies, and tools in the arena of web and mobile security. vulnerabilities and their performance is measured on the precision of their results. Based on these results, we proposed an Integrated Multi-Agent Blackbox Security Assessment Tool (SAT) for the security assessment of web applications. Research has proved that the vulnerabilities assessment results of the SAT are more extensive and accurate.

This paper introduces a new type of attack on isolated, air-gapped workstations. Although air-gap computers have no wireless connectivity, we show that attackers can use the SATA cable as a wireless antenna to transfer radio signals at the 6 GHz frequency band. The Serial ATA (SATA) is a bus interface widely used in modern computers and connects the host bus to mass storage devices such as hard disk drives, optical drives, and solid-state drives. The prevalence of the SATA interface makes this attack highly available to attackers in a wide range of computer systems and IT environments. We discuss related work on this topic and provide technical background. We show the design of the transmitter and receiver and present the implementation of these components. We also demonstrate the attack on different computers and provide the evaluation. The results show that attackers can use the SATA cable to transfer a brief amount of sensitive information from highly secured, air-gap computers wirelessly to a nearby receiver. Furthermore, we show that the attack can operate from user mode, is effective even from inside a Virtual Machine (VM), and can successfully work with other running workloads in the background. Finally, we discuss defense and mitigation techniques for this new air-gap attack.

Deep learning has been widely applied for jobs involving face inpainting, however, there are usually some problems, such as incoherent inpainting edges, lack of diversity of generated images and other problems. In order to get more feature information and improve the inpainting effect, we therefore propose a Generative Adversarial Network of Skip Connection (SCGAN), which connects the encoder layers and the decoder layers by skip connection in the generator. The coherence and consistency of the image inpainting edges are improved, and the finer features of the image inpainting are refined, simultaneously using the discriminator's local and global double discriminators model. We also employ WGAN-GP loss to enhance model stability during training, prevent model collapse, and increase the variety of inpainting face images. Finally, experiments on the CelebA dataset and the LFW dataset are performed, and the model's performance is assessed using the PSNR and SSIM indices. Our model's face image inpainting is more realistic and coherent than that of other models, and the model training is more reliable.

The age of data (AoD) is identified as one of the most novel and important metrics to measure the quality of big data analytics for Internet-of-Things (IoT) applications. Meanwhile, mobile edge computing (MEC) is envisioned as an enabling technology to minimize the AoD of IoT applications by processing the data in edge servers close to IoT devices. In this paper, we study the AoD minimization problem for IoT big data processing in MEC networks. We first propose an exact solution for the problem by formulating it as an Integer Linear Program (ILP). We then propose an efficient heuristic for the offline AoD minimization problem. We also devise an approximation algorithm with a provable approximation ratio for a special case of the problem, by leveraging the parametric rounding technique. We thirdly develop an online learning algorithm with a bounded regret for the online AoD minimization problem under dynamic arrivals of IoT requests and uncertain network delay assumptions, by adopting the Multi-Armed Bandit (MAB) technique. We finally evaluate the performance of the proposed algorithms by extensive simulations and implementations in a real test-bed. Results show that the proposed algorithms outperform existing approaches by reducing the AoD around 10%.

One way to detect and assess software vulnerabilities is by extracting security-related information from commit messages. Automating the detection and assessment of vulnerabilities upon security commit messages is still challenging due to the lack of structured and clear messages. We created a convention, called SECOM, for security commit messages that structure and include bits of security-related information that are essential for detecting and assessing vulnerabilities for both humans and tools. The full convention and details are available here: https://tqrg.github.io/secom/.

This paper investigates the secrecy outage performance of Multiple Input Multiple Output (MIMO) secondary nodes for underlay Cognitive Radio Network (CRN) over α–μ fading channel. Here, the proposed system consists of one active eavesdropper and two primary nodes each with a single antenna. The power of the secondary transmitter depends on the harvested energy from the primary transmitter to save more energy and spectrum. Moreover, a Transmit Antenna Selection (TAS) scheme is adopted at the secondary source, while the Maximal Ratio Combining (MRC) technique is employed at the secondary receiver to optimize the quality of the signal. A lower bound closed-form phrase for the secrecy outage performance is derived to demonstrate the effects of the channel parameters. In addition, numerical results illustrate that the number of source transmit antennas, destination received antenna, and the eavesdropper received antenna have significant effects on improving the secrecy performance.

Cooperative secure computing based on the relationship between numerical value and numerical interval is not only the basic problems of secure multiparty computing but also the core problems of cooperative secure computing. It is of substantial theoretical and practical significance for information security in relation to scientific computing to continuously investigate and construct solutions to such problems. Based on the Goldwasser-Micali homomorphic encryption scheme, this paper propose the Morton rule, according to the characteristics of the interval, a double-length vector is constructed to participate in the exclusive-or operation, and an efficient cooperative decision-making solution for integer and integer interval security is designed. This solution can solve more basic problems in cooperative security computation after suitable transformations. A theoretical analysis shows that this solution is safe and efficient. Finally, applications that are based on these protocols are presented.

IoT technology is finding new applications every day and everywhere in our daily lives. With that, come new use cases with new challenges in terms of device and data security. One of such challenges arises from the fact that many IoT devices/nodes are no longer being deployed on owners' premises, but rather on public or private property other than the owner's. With potential physical access to the IoT node, adversaries can launch many attacks that circumvent conventional protection methods. In this paper, we propose Secure SoC (SecSoC), a secure system-on-chip architecture that mitigates such attacks. This include logical memory dump attacks, bus snooping attacks, and compromised operating systems. SecSoC relies on two main mechanisms, (1) providing security extensions to the compute engine that runs the user application without changing its instruction set, (2) adding a security management unit (SMU) that provide HW security primitives for encryption, hashing, random number generators, and secrets store (keys, certificates, etc.). SecSoC ensures that no secret or sensitive data can leave the SoC IC in plaintext. SecSoC is being implemented in Bluespec System V erilog. The experimental results will reveal the area, power, and cycle time overhead of these security extensions. Overall performance (total execution time) will also be evaluated using IoT benchmarks.

With the advent of cloud storage services many users tend to store their data in the cloud to save storage cost. However, this has lead to many security concerns, and one of the most important ones is ensuring data integrity. Public verification schemes are able to employ a third party auditor to perform data auditing on behalf of the user. But most public verification schemes are vulnerable to procrastinating auditors who may not perform auditing on time. These schemes do not have fair arbitration also, i.e. they lack a way to punish the malicious Cloud Service Provider (CSP) and compensate user whose data has been corrupted. On the other hand, CSP might be storing redundant data that could increase the storage cost for the CSP and computational cost of data auditing for the user. In this paper, we propose a Blockchain-based public auditing and deduplication scheme with a fair arbitration system against procrastinating auditors. The key idea requires auditors to record each verification using smart contract and store the result into a Blockchain as a transaction. Our scheme can detect and punish the procrastinating auditors and compensate users in the case of any data loss. Additionally, our scheme can detect and delete duplicate data that improve storage utilization and reduce the computational cost of data verification. Experimental evaluation demonstrates that our scheme is provably secure and does not incur overhead compared to the existing public auditing techniques while offering an additional feature of verifying the auditor’s performance.

With the ubiquitous advancement in smart medical devices and systems, the potential of Remote Patient Monitoring (RPM) network is evolving in modern healthcare systems. The medical professionals (doctors, nurses, or medical experts) can access vitals and sensitive physiological information about the patients and provide proper treatment to improve the quality of life through the RPM network. However, the wireless nature of communication in the RPM network makes it challenging to design an efficient mechanism for secure communication. Many authentication schemes have been proposed in recent years to ensure the security of the RPM network. Pseudonym, digital signature, and Authenticated Key Exchange (AKE) protocols are used for the Internet of Medical Things (IoMT) to develop secure authorization and privacy-preserving communication. However, traditional authentication protocols face overhead challenges due to maintaining a large set of key-pairs or pseudonyms results on the hospital cloud server. In this research work, we identify this research gap and propose a novel secure and efficient privacy-preserving authentication scheme using cuckoo filters for the RPM network. The use of cuckoo filters in our proposed scheme provides an efficient way for mutual anonymous authentication and a secret shared key establishment process between medical professionals and patients. Moreover, we identify the misbehaving sensor nodes using a correlation-based anomaly detection model to establish secure communication. The security analysis and formal security validation using SPAN and AVISPA tools show the robustness of our proposed scheme against message modification attacks, replay attacks, and man-in-the-middle attacks.

Sample-then-lock construction is a reusable fuzzy extractor for low-entropy sources. When applied on iris recognition scenarios, many subsets of an iris-code are used to lock the cryptographic key. The security of this construction relies on the entropy of subsets of iris codes. Simhadri et al. reported a security level of 32 bits on iris sources. In this paper, we propose two kinds of attacks to crack existing sample-then-lock schemes. Exploiting the low-entropy subsets, our attacks can break the locked key and the enrollment iris-code respectively in less than 220 brute force attempts. To protect from these proposed attacks, we design an improved sample-then-lock scheme. More precisely, our scheme employs stability and discriminability to select high-entropy subsets to lock the genuine secret, and conceals genuine locker by a large amount of chaff lockers. Our experiment verifies that existing schemes are vulnerable to the proposed attacks with a security level of less than 20 bits, while our scheme can resist these attacks with a security level of more than 100 bits when number of genuine subsets is 106.

In recent times, Network-on-Chip (NoC) has become state of the art for communication in Multiprocessor System-on-Chip due to the existing scalability issues in this area. However, these systems are exposed to security threats such as extraction of secret information. Therefore, the need for secure communication arises in such environments. In this work, we present a communication protocol based on authenticated encryption with recovery mechanisms to establish secure end-to-end communication between the NoC nodes. In addition, a selected key agreement approach required for secure communication is implemented. The security functionality is located in the network adapter of each processing element. If data is tampered with or deleted during transmission, recovery mechanisms ensure that the corrupted data is retransmitted by the network adapter without the need of interference from the processing element. We simulated and implemented the complete system with SystemC TLM using the NoC simulation platform PANACA. Our results show that we can keep a high rate of correctly transmitted information even when attackers infiltrated the NoC system.

This paper presents a novel authentication method based on a distributed version of Kerberos for UAVs. One of the major problems of UAVs in recent years has been cyber-attacks which allow attackers to control the UAV or access its information. The growing use of UAVs has encouraged us to investigate the methods of their protection especially authentication of their users. In the past, the Kerberos system was rarely used for authentication in UAV systems. In our proposed method, based on a distributed version of Kerberos, we can authenticate multiple ground stations, users, and controllers for one or more UAVs. This method considers most of the security aspects to protect UAV systems mainly in the authentication phase and improves the security of UAVs and ground control stations and their communications considerably.

A recommender system aims to suggest the most relevant items to users based on their personal data. However, data privacy is a growing concern for anyone. Secure recommender system is a research direction to preserve user privacy while maintaining as high performance as possible. The most recent strategy is to use Federated Learning, a machine learning technique for privacy-preserving distributed training. In Federated Learning, a subset of users will be selected for training model using data at local systems, the server will securely aggregate the computing result from local models to generate a global model, finally that model will give recommendations to users. In this paper, we present a novel algorithm to train Collaborative Filtering recommender system specialized for the ranking task in Federated Learning setting, where the goal is to protect user interaction information (i.e., implicit feedback). Specifically, with the help of the algorithm, the recommender system will be trained by Neural Collaborative Filtering, one of the state-of-the-art matrix factorization methods and Bayesian Personalized Ranking, the most common pairwise approach. In contrast to existing approaches which protect user privacy by requiring users to download/upload the information associated with all interactions that they can possibly interact with in order to perform training, the algorithm can protect user privacy at low communication cost, where users only need to obtain/transfer the information related to a small number of interactions per training iteration. Above all, through extensive experiments, the algorithm has demonstrated to utilize user data more efficient than the most recent research called FedeRank, while ensuring that user privacy is still preserved.

We have proposed a new Smart Meter Application (SMA) Framework. This application registers consumers at utility provider (Electricity), takes the meter reading for electricity and makes billing. The proposed application might offer higher level of flexibility and security, time saving and trustworthiness between consumers and authority offices. It’s expected that the application will be developed by Flutter to support Android and iOS Mobile Operating Systems.

Nowadays, improving the reliability and security of the transmitted data has gained more attention with the increase in emerging power-limited and lightweight communication devices. Also, the transmission needs to meet specific latency requirements. Combining data encryption and encoding in one physical layer block has been exploited to study the effect on security and latency over traditional sequential data transmission. Some of the current works target secure error-correcting codes that may be candidates for post-quantum computing. However, modifying the popularly used channel coding techniques to guarantee secrecy and maintain the same error performance and complexity at the decoder is challenging since the structure of the channel coding blocks is altered which results in less optimal decoding performance. Also, the redundancy nature of the error-correcting codes complicates the encryption method. In this paper, we briefly review the proposed security schemes on Turbo codes. Then, we propose a secure turbo code design and compare it with the relevant security schemes in the literature. We show that the proposed method is more secure without adding complexity.