Biblio

For the Internet of things (IoT) secure data aggregation issues, data privacy-preserving and limited computation ability and energy of nodes should be tradeoff. Based on analyzing the pros-and-cons of current works, a low energy- consuming secure data aggregation method (LCSDA) was proposed. This method uses shortest path principle to choose neighbor nodes and generates the data aggregation paths in the cluster based on prim minimum spanning tree algorithm. Simulation results show that this method could effectively cut down energy consumption and reduce the probability of cluster head node being captured, in the same time preserving data privacy.

A reliable database of Indicators of Compromise (IoC’s) is a cornerstone of almost every malware detection system. Building the database and keeping it up-to-date is a lengthy and often manual process where each IoC should be manually reviewed and labeled by an analyst. In this paper, we focus on an automatic way of identifying IoC’s intended to save analysts’ time and scale to the volume of network data. We leverage relations of each IoC to other entities on the internet to build a heterogeneous graph. We formulate a classification task on this graph and apply graph neural networks (GNNs) in order to identify malicious domains. Our experiments show that the presented approach provides promising results on the task of identifying high-risk malware as well as legitimate domains classification.

Cloud data integrity verification was an important means to ensure data security. We used public key infrastructure (PKI) to manage user keys in Traditional way, but there were problems of certificate verification and high cost of key management. In this paper, RSA signature was used to construct a new identity-based cloud audit protocol, which solved the previous problems caused by PKI and supported forward security, and reduced the loss caused by key exposure. Through security analysis, the design scheme could effectively resist forgery attack and support forward security.

The ever-evolving capabilities of cyber attackers force security administrators to focus on the early identification of emerging threats. Targeted cyber attacks usually consist of several phases, from initial reconnaissance of the network environment to final impact on objectives. This paper investigates the identification of multi-step cyber threat scenarios using kill chain and attack graphs. Kill chain and attack graphs are threat modeling concepts that enable determining weak security defense points. We propose a novel kill chain attack graph that merges kill chain and attack graphs together. This approach determines possible chains of attacker’s actions and their materialization within the protected network. The graph generation uses a categorization of threats according to violated security properties. The graph allows determining the kill chain phase the administrator should focus on and applicable countermeasures to mitigate possible cyber threats. We implemented the proposed approach for a predefined range of cyber threats, especially vulnerability exploitation and network threats. The approach was validated on a real-world use case. Publicly available implementation contains a proof-of-concept kill chain attack graph generator.

In healthcare 4.0 ecosystems, authentication of healthcare information allows health stakeholders to be assured that data is originated from correct source. Recently, biometric based authentication is a preferred choice, but as the templates are stored on central servers, there are high chances of copying and generating fake biometrics. An adversary can forge the biometric pattern, and gain access to critical health systems. Thus, to address the limitation, the paper proposes a scheme, PHBio, where an encryption-based biometric system is designed prior before storing the template to the server. Once a user provides his biometrics, the authentication process does not decrypt the data, rather uses a homomorphic-enabled Paillier cryptosystem. The scheme presents the encryption and the comparison part which is based on euclidean distance (EUD) strategy between the user input and the stored template on the server. We consider the minimum distance, and compare the same with a predefined threshold distance value to confirm a biometric match, and authenticate the user. The scheme is compared against parameters like accuracy, false rejection rates (FARs), and execution time. The proposed results indicate the validity of the scheme in real-time health setups.

Mobile Ad-hoc Networks (MANETs) have attracted lots of concerns with its widespread use. In MANETs, wireless nodes usually self-organize into groups to complete collaborative tasks and communicate with one another via public channels which are vulnerable to attacks. Group key management is generally employed to guarantee secure group communication in MANETs. However, most existing group key management schemes for MANETs still suffer from some issues, e.g., receiver restriction, relying on a trusted dealer and heavy certificates overheads. To address these issues, we propose a group key management scheme for MANETs based on an identity-based authenticated dynamic contributory broadcast encryption (IBADConBE) protocol which builds on an earlier work. Our scheme abandons the certificate management and does not need a trusted dealer to distribute a secret key to each node. A set of wireless nodes are allowed to negotiate the secret keys in one round while forming a group. Besides, our scheme is receiver-unrestricted which means any sender can flexibly opt for any favorable nodes of a group as the receivers. Further, our scheme satisfies the authentication, confidentiality of messages, known-security, forward security and backward security concurrently. Performance evaluation shows our scheme is efficient.

Nowadays, the messaging system is one of the most popular mobile applications, and therefore the authentication between clients is essential. Various kinds of such mobile applications are using encryption-based security protocols, but they are facing many security threat issues. It clearly defines the necessity for a trustful security procedure. Therefore, a blockchain-based messaging system could be an alternative to this problem. That is why, we have developed a secured peer-to-peer messaging system supported by blockchain. This proposed mechanism provides data security among the users. In a blockchain-based framework, all the information can be verified and controlled automatically and all the transactions are recorded that have been created already. In our paper, we have explained how the users can communicate through a blockchain-based messaging system that can maintain a secured network. We explored why blockchain would improve communication security in this post, and we proposed a model architecture for blockchain-based messaging that retains the performance and security of data stored on the blockchain. Our proposed architecture is completely decentralized and enables users to send and receive messages in an acceptable and secure manner.

Solidly mounted resonators (SMRs) built on dielectric acoustic reflectors can save several fabrication steps as well as avoid undesired parasitic effects when exciting extended electrodes via capacitive coupling. In this work we manufacture and measure the frequency response of AlN-based SMRs built on 7-layer ZnO/SiO2 acoustic reflectors with SiO2 working as low impedance material and ZnO as high impedance material. After applying a 700°C treatment, their frequency response is measured again and compared with the pre-treatment measurements.

The cloud provides storage for users to share their files in the cloud. Nowadays some shared data auditing schemes are proposed for protecting data integrity. However, preserving the identity privacy of group users and secure user revocation usually result in high computational overhead. Then a shared data auditing scheme supporting identity privacy preserving is proposed that enables users to be effectively revoked. To preserve identity privacy during the audit process, we develop an efficient authenticator generation mechanism that enables public auditing. Our solution supports efficient user revocation, where the authenticator of the revoked user does not need to be regenerated and integrity checking can be performed appropriately. At the same time, the group manager maintains two tables to ensure user traceability. When the user updates data, two tables are modified and updated by the group manager promptly. It shows that our scheme is secure by security analysis. Moreover, concrete experiments prove the performance of the system.

The integration of distributed energy resources (DERs) and expansion of complex network in the distribution grid requires an advanced two-level state estimator to monitor the grid health at micro-level. The distribution state estimator will improve the situational awareness and resiliency of distributed power system. This paper implements a synchrophasors-based master state awareness (MSA) estimator to enhance the cybersecurity in distribution grid by providing a real-time estimation of system operating states to control center operators. In this paper, the implemented MSA estimator utilizes only phasor measurements, bus magnitudes and angles, from phasor measurement units (PMUs), deployed in local substations, to estimate the system states and also detects data integrity attacks, such as load tripping attack that disconnects the load. To validate the proof of concept, we implement this methodology in cyber-physical testbed environment at the Idaho National Laboratory (INL) Electric Grid Security Testbed. Further, to address the "valley of death" and support technology commercialization, field demonstration is also performed at the Critical Infrastructure Test Range Complex (CITRC) at the INL. Our experimental results reveal a promising performance in detecting load tripping attack and providing an accurate situational awareness through an alert visualization dashboard in real-time.

We propose versatile hardware framework for ECC. The framework supports arithmetic operations over P-256, Ed25519 and Curve25519 curves, enabling easy implementation of various ECC algorithms. Framework finds its application area e.g. in FIDO2 attestation or in nowadays rapidly expanding field of hardware wallets. As the design is intended to be ASIC-ready, we designed it to be area efficient. Hardware units are reused for calculations in several finite fields, and some of them are superior to previously designed circuits in terms of time-area product. The framework implements several attack countermeasures. It enables implementation of certain countermeasures even in later stages of design. The design was validated on SoC FPGA.

For some countries around the world, meeting demand is a serious concern. Power supply market is increasingly increasing, posing a big challenge for various countries throughout the world. The increasing expansion in the market for power needs upgrading system dependability to increase the smart grid's resilience. This smart electric grid has a sensor that analyses grid power availability and sends regular updates to the organisation. The internet is currently being utilized to monitor processes and place orders for running variables from faraway places. A large number of scanners have been used to activate electrical equipment for domestic robotics for a long period in the last several days. Conversely, if it is not correctly implemented, it will have a negative impact on cost-effectiveness as well as productivity. For something like a long time, home automation has relied on a large number of sensor nodes to control electrical equipment. Since there are so many detectors, this isn't cost-effective. In this article, develop and accept a wireless communication component and a management system suitable for managing independent efficient network units from voltage rises and voltage control technologies in simultaneous analyzing system reliability in this study. This research paper has considered secondary method to collect relevant and in-depth data related to the wireless sensor network and its usage in smart grid monitoring.

We have several issues in most current supply chain management systems. Consumers want to spend money on environmentally friendly products, but they are seldomly informed of the environmental contributions of the suppliers. Meanwhile, each supplier seeks to recover the costs for the environmental contributions to re-invest them into further contributions. Instead, in most current supply chains, the reward for each supplier is not clearly defined and fairly distributed. To address these issues, we propose a supply-chain contribution management platform for fair reward distribution called ‘Advanced Ledger.’ This platform records suppliers' environ-mental contribution trails, receives rewards from consumers in exchange for trail-backed fungible tokens, and fairly distributes the rewards to each supplier based on the contribution trails. In this paper, we overview the architecture of Advanced Ledger and 11 technical features, including decentralized autonomous organization (DAO) based contribution verification, contribution concealment, negative-valued tokens, fair reward distribution, atomic rewarding, and layer-2 rewarding. We then study the requirements and candidates of the smart contract platforms for implementing Advanced Ledger. Finally, we introduce a use case called ‘ESG token’ built on the Advanced Ledger architecture.

Probabilistic model checking is a useful technique for specifying and verifying properties of stochastic systems including randomized protocols and reinforcement learning models. However, these methods rely on the assumed structure and probabilities of certain system transitions. These assumptions may be incorrect, and may even be violated by an adversary who gains control of some system components. In this paper, we develop a formal framework for adversarial robustness in systems modeled as discrete time Markov chains (DTMCs). We base our framework on existing methods for verifying probabilistic temporal logic properties and extend it to include deterministic, memoryless policies acting in Markov decision processes (MDPs). Our framework includes a flexible approach for specifying structure-preserving and non structure-preserving adversarial models. We outline a class of threat models under which adversaries can perturb system transitions, constrained by an ε ball around the original transition probabilities. We define three main DTMC adversarial robustness problems: adversarial robustness verification, maximal δ synthesis, and worst case attack synthesis. We present two optimization-based solutions to these three problems, leveraging traditional and parametric probabilistic model checking techniques. We then evaluate our solutions on two stochastic protocols and a collection of Grid World case studies, which model an agent acting in an environment described as an MDP. We find that the parametric solution results in fast computation for small parameter spaces. In the case of less restrictive (stronger) adversaries, the number of parameters increases, and directly computing property satisfaction probabilities is more scalable. We demonstrate the usefulness of our definitions and solutions by comparing system outcomes over various properties, threat models, and case studies.

The security control problem of cyber-physical system (CPS) under actuator attacks is studied in the paper. Considering the strict-feedback cyber-physical systems with external disturbance, a security control scheme is proposed by combining backstepping method and super-twisting sliding mode technology when the transmission control input signal of network layer is under false data injection(FDI) attack. Firstly, the unknown nonlinear function of the CPS is identified by Radial Basis Function Neural Network. Secondly, the backstepping method and super-twisting sliding mode algorithm are combined to eliminate the influence of actuator attack and ensure the robustness of the control system. Then, by Lyapunov stability theory, it is proved that the proposed control scheme can ensure that all signals in the closed-loop system are semi-global and ultimately uniformly bounded. Finally, the effectiveness of the proposed control scheme is verified by the inverted pendulum simulation.

As the COVID-19 continues to spread globally, more and more companies are transforming into remote online offices, leading to the expansion of electronic signatures. However, the existing electronic signatures platform has the problem of data-centered management. The system is subject to data loss, tampering, and leakage when an attack from outside or inside occurs. In response to the above problems, this paper designs an electronic signature solution and implements a prototype system based on the consortium blockchain. The solution divides the contract signing process into four states: contract upload, initiation signing, verification signing, and confirm signing. The signing process is mapped with the blockchain-linked data. Users initiate the signature transaction by signing the uploaded contract's hash. The sign state transition is triggered when the transaction is uploaded to the blockchain under the consensus mechanism and the smart contract control, which effectively ensures the integrity of the electronic contract and the non-repudiation of the electronic signature. Finally, the blockchain performance test shows that the system can be applied to the business scenario of contract signing.

Estimation for obesity levels is always an important topic in medical field since it can provide useful guidance for people that would like to lose weight or keep fit. The article tries to find a model that can predict obesity and provides people with the information of how to avoid overweight. To be more specific, this article applied dimension reduction to the data set to simplify the data and tried to Figure out a most decisive feature of obesity through Principal Component Analysis (PCA) based on the data set. The article also used some machine learning methods like Support Vector Machine (SVM), Decision Tree to do prediction of obesity and wanted to find the major reason of obesity. In addition, the article uses Artificial Neural Network (ANN) to do prediction which has more powerful feature extraction ability to do this. Finally, the article found that family history of obesity is the most decisive feature, and it may because of obesity may be greatly affected by genes or the family eating diet may have great influence. And both ANN and Decision tree’s accuracy of prediction is higher than 90%.

The fast-evolving Intelligent Transportation Systems (ITS) are crucial in the 21st century, promising answers to congestion and accidents that bother people worldwide. ITS applications such as Connected and Autonomous Vehicle (CAVs) update and broadcasts road incident event messages, and this requires significant data to be transmitted between vehicles for a decision to be made in real-time. However, broadcasting trusted incident messages such as accident alerts between vehicles pose a challenge for CAVs. Most of the existing-trust solutions are based on the vehicle's direct interaction base reputation and the psychological approaches to evaluate the trustworthiness of the received messages. This paper provides a scheme for improving trust in the received incident alert messages for real-time decision-making to detect malicious alerts between CAVs using direct and indirect interactions. This paper applies artificial intelligence and statistical data classification for decision-making on the received messages. The model is trained based on the US Department of Technology Safety Pilot Deployment Model (SPMD). An Autonomous Decision-making Trust Scheme (ADmTS) that incorporates a machine learning algorithm and a local trust manager for decision-making has been developed. The experiment showed that the trained model could make correct predictions such as 98% and 0.55% standard deviation accuracy in predicting false alerts on the 25% malicious data

In the era of big data, information security is faced with many threats, among which memory data security of intelligent devices is an important link. Attackers can read the memory of specific devices, and then steal secrets, alter data, affect the operation of intelligent devices, and bring security threats. Data security is usually protected by encryption algorithm for device ciphertext conversion, so the safe generation and use of key becomes particularly important. In this paper, based on the advantages of SRAM PUF, such as real-time generation, power failure and disappearance, safety and reliability, a key generation unit is designed and implemented. BCH code is used as the error correction algorithm to generate 128-bit stable key, which provides a guarantee for the safe storage of intelligent devices.

This article analyzes the current situation of computer network security in colleges and universities, future development trends, and the relationship between software vulnerabilities and worm outbreaks. After analyzing a server model with buffer overflow vulnerabilities, a worm implementation model based on remote buffer overflow technology is proposed. Complex networks are the medium of worm propagation. By analyzing common complex network evolution models (rule network models, ER random graph model, WS small world network model, BA scale-free network model) and network node characteristics such as extraction degree distribution, single source shortest distance, network cluster coefficient, richness coefficient, and close center coefficient.

We propose the use of dual coding concatenation for mitigation of post-shaping burst errors in probabilistic amplitude shaping (PAS) architectures. The proposed dual coding concatenation for PAS is a hybrid integration of conventional reverse concatenation and forward concatenation, i.e., post-shaping forward error correction (FEC) layer and pre-shaping FEC layer, respectively. A low-complexity architecture based on parallel Bose–Chaudhuri–Hocquenghem (BCH) codes is introduced for the pre-shaping FEC layer. Proposed dual coding concatenation can relax bit error rate (BER) requirement after post-shaping soft-decision (SD) FEC codes by an order of magnitude, resulting in a gain of up to 0.25 dB depending on the complexity of post-shaping FEC. Also, combined shaping and coding performance was analyzed based on sphere shaping and the impact of shaping length on coding performance was demonstrated.

Intrusion detection systems (IDSs) are widely deployed in the industrial control systems to protect network security. IDSs typically generate a huge number of alerts, which are time-consuming for system operators to process. Most of the alerts are individually insignificant false alarms. However, it is not the best solution to discard these alerts, as they can still provide useful information about network situation. Based on the study of characteristics of alerts in the industrial control systems, we adopt an enhanced method of exponentially weighted moving average (EWMA) control charts to help operators in processing alerts. We classify all detection signatures as regular and irregular according to their frequencies, set multiple control limits to detect anomalies, and monitor regular signatures for network security situational awareness. Extensive experiments have been performed using real-world alert data. Simulation results demonstrate that the proposed enhanced EWMA method can greatly reduce the volume of alerts to be processed while reserving significant abnormal information.

This study purpose was to examine the determinant factors that affect the Micro, Small, and Medium Enterprise (MSME) merchants who had the intention to use Quick Response Code Indonesian Standard (QRIS) as a payment system. QRIS was expected to be applied by merchants to diminish the virus spread and keep the circulation of money safe; but there were not many merchants using the QRIS as a payment method. The factors MSME merchant might not use the QRIS were related to perceived usefulness, perceived security, perceived ease of use, and trust. The population was MSMEs in South Tangerang City who did not use QRIS yet and the population was unknown. Using the Lemeshow formula, obtained a sample of 115 people, and the sampling technique used purposive sampling. Then data were analyzed using multi-regression analysis and processed by SPSS. The results indicated that perceived usefulness and perceived security had a significant affect on trust, whereas trust and ease of use significant affect the intention to use QRIS. Moreover, trust was able to mediate the perceived usefulness to intention to use. Since ease of use had no significant affect on trust, then the mediation given by trust to perceived ease of use had no significant affect on intention to use.

In software engineering, the aspect of addressing security requirements is considered to be of paramount importance. In most cases, however, security requirements for a system are considered as non-functional requirements (NFRs) and are addressed at the very end of the software development life cycle. The increasing number of security incidents in software systems around the world has made researchers and developers rethink and consider this issue at an earlier stage. An important and essential step towards this process is the elicitation of relevant security requirements. In a recent work, Imtiaz et al. proposed a framework for creating a mapping between existing requirements and the vulnerabilities associated with them. The idea is that, this mapping can be used by developers to predict potential vulnerabilities associated with new functional requirements and capture security requirements to avoid these vulnerabilities. However, to what extent, such existing vulnerability information can be useful in security requirements elicitation is still an open question. In this paper, we design a human subject study to answer this question. We also present the results of a pilot study and discuss their implications. Preliminary results show that existing vulnerability information can be a useful resource in eliciting security requirements and lays ground work for a full scale study.

Face recognition technology is widely employed in a variety of applications, including public security, criminal identification, multimedia data management, and so on. Because of its importance for practical applications and theoretical issues, the facial recognition system has received a lot of attention. Furthermore, numerous strategies have been offered, each of which has shown to be a significant benefit in the field of facial and pattern recognition systems. Face recognition still faces substantial hurdles in unrestricted situations, despite these advancements. Deep learning techniques for facial recognition are presented in this paper for accurate detection and identification of facial images. The primary goal of facial recognition is to recognize and validate facial features. The database consists of 500 color images of people that have been pre-processed and features extracted using Linear Discriminant Analysis. These features are split into 70 percent for training and 30 percent for testing of decision tree classifiers for the computation of face recognition system performance.