Biblio

IoT systems commonly rely on cloud services. However, utilizing cloud providers can be problematic in terms of data security. Data stored in the cloud need to be secured from unauthorized malicious nodes and from the cloud providers themselves. Using a simple symmetric cipher can encrypt the data before uploading and decrypt it while retrieving. However, such a solution can be only applied between two parties with no support for multiple nodes. Whereas in IoT scenarios, many smart devices communicate and share data with each other. This paper proposes a solution that tackles the issue of sharing data securely between IoT devices by implementing a system that allows secure sharing of encrypted data in untrusted clouds. The implementation of the system performs the computation on connectionless clients with no involvement of the cloud server nor any third party. The cloud server is only used as a passive storage server. Analysis of the implemented prototype demonstrates that the system can be used in real-life applications with relatively small overhead. Based on the used hardware, key generation takes about 60 nanoseconds and the storage overhead is only a few kilobytes for large number of files and/or users.

Today the mobile devices are more and more present in our lives, and the mobile applications market has experienced a sharp growth. Most of these applications are made to make our daily lives easier, and for this a large part of them consume various web services. Given this transition, from desktop and web applications to mobile applications, many critical services have begun to expose their APIs for use by such application clients. Unfortunately, this transition has paved the way for new vulnerabilities, vulnerabilities used to compress cloud services. In this article we analyzed the main security problems and how they can be solved using the attestation services, the services that indicate that the device running the application and the client application are genuine.

The rapid development of blockchain application technology promotes continuous exploration in the field of computer application science. Although it is still in the initial stage of development, the technical features of blockchain technology such as decentralization, identity verification, tamper resistance, data integrity, and security are regarded as excellent solutions to today's computer security technical problems. In this paper, we will analyze and compare blockchain data storage and cloud data processing technologies, focusing on the concept and technology of blockchain distributed data storage technology, and analyze and summarize the key issues. The results of this paper will provide a useful reference for the application and research of blockchain technology in cloud storage security.

In this paper, we present the Cloud Property Graph (CloudPG), which bridges the gap between static code analysis and runtime security assessment of cloud services. The CloudPG is able to resolve data flows between cloud applications deployed on different resources, and contextualizes the graph with runtime information, such as encryption settings. To provide a vendorand technology-independent representation of a cloud service's security posture, the graph is based on an ontology of cloud resources, their functionalities and security features. We show, using an example, that our CloudPG framework can be used by security experts to identify weaknesses in their cloud deployments, spanning multiple vendors or technologies, such as AWS, Azure and Kubernetes. This includes misconfigurations, such as publicly accessible storages or undesired data flows within a cloud service, as restricted by regulations such as GDPR.

Malwares are the key means leveraged by threat actors in the cyber space for their attacks. There is a large array of commercial solutions in the market and significant scientific research to tackle the challenge of the detection and defense against malwares. At the same time, attackers also advance their capabilities in creating polymorphic and metamorphic malwares to make it increasingly challenging for existing solutions. To tackle this issue, we propose a methodology to perform malware detection and family attribution. The proposed methodology first performs the extraction of opcodes from malwares in each family and constructs their respective opcode graphs. We explore the use of clustering algorithms on the opcode graphs to detect clusters of malwares within the same malware family. Such clusters can be seen as belonging to different sub-family groups. Opcode graph signatures are built from each detected cluster. Hence, for each malware family, a group of signatures is generated to represent the family. These signatures are used to classify an unknown sample as benign or belonging to one the malware families. We evaluate our methodology by performing experiments on a dataset consisting of both benign files and malware samples belonging to a number of different malware families and comparing the results to existing approach.

Analyzing safety and security requirements remains a difficult task in the development of real-life network protocols. Although numerous modeling and analyzing methods have been proposed in the past decades, most of them handle safety and security requirements separately without considering their interplay. In this work, we propose a collaborative modeling framework that enables co-analysis of safety and security requirements for network protocols. Our modeling framework is based on a well-defined type system and supports modeling of network topology, message flows, protocol behaviors and attacker behaviors. It also supports the specification of safety requirements as temporal logical formulae and typical security requirements as queries, and leverages on the existing verification tools for formal safety and security analysis via model transformations. We have implemented this framework in a prototype tool CMSS, and illustrated the capability of CMSS by using the 5G AKA initialization protocol as a case study.

Cognitive radio primary network secure communication strategy based on secondary user energy harvesting and primary user destination assistance is investigated to guarantee primary user secure communication in cognitive radio network. In the proposed strategy, the primary network selects the best secondary user to forward the traffic from a primary transmitter (PT) to a primary receiver (PR). The best secondary user implements beamforming technique to assist primary network for secure communication. The remaining secondary transmitters harvest energy and transmit information to secondary receiver over the licensed primary spectrum. In order to further enhance the security of primary network and increase the harvested energy for the remaining secondary users, a destination-assisted jamming signal transmission strategy is proposed. In this strategy, artificial noise jamming signal transmitted by PR not only confuses eavesdropper, but also be used to power the remaining secondary users. Simulation results demonstrate that, the proposed strategy allows secondary users to communicate in the licensed primary spectrum. It enhances primary network secure communication performance dramatically with the joint design of secondary user transmission power and beamforming vectors. Furthermore, physical layer security of primary and secondary network can also be guaranteed via the proposed cognitive radio primary network secure communication strategy.

In photovoltaic (PV) systems, machine learning-based methods have been used for fault detection and diagnosis in the past years, which require large amounts of data. However, fault types in a single PV station are usually insufficient in practice. Due to insufficient and non-identically distributed data, packet loss and privacy concerns, it is difficult to train a model for diagnosing all fault types. To address these issues, in this paper, we propose a decentralized federated learning (FL)-based fault diagnosis method for insulated gate bipolar transistor (IGBT) open-circuits in PV inverters. All PV stations use the convolutional neural network (CNN) to train local diagnosis models. By aggregating neighboring model parameters, each PV station benefits from the fault diagnosis knowledge learned from neighbors and achieves diagnosing all fault types without sharing original data. Extensive experiments are conducted in terms of non-identical data distributions, various transmission channel conditions and whether to use the FL framework. The results are as follows: 1) Using data with non-identical distributions, the collaboratively trained model diagnoses faults accurately and robustly; 2) The continuous transmission and aggregation of model parameters in multiple rounds make it possible to obtain ideal training results even in the presence of packet loss; 3) The proposed method allows each PV station to diagnose all fault types without original data sharing, which protects data privacy.

Cross-Site scripting (XSS) is a common class of vulnerabilities in the domain of web applications. As it re-mains prevalent despite continued efforts by practitioners and researchers, site operators often seek to protect their assets using web application firewalls (WAFs). These systems employ filtering mechanisms to intercept and reject requests that may be suitable to exploit XSS flaws and related vulnerabilities such as SQL injections. However, they generally do not offer complete protection and can often be bypassed using specifically crafted exploits. In this work, we evaluate the effectiveness of WAFs to detect XSS exploits. We develop an attack grammar and use a combinatorial testing approach to generate attack vectors. We compare our vectors with conventional counterparts and their ability to bypass different WAFs. Our results show that the vectors generated with combinatorial testing perform equal or better in almost all cases. They further confirm that most of the rule sets evaluated in this work can be bypassed by at least one of these crafted inputs.

Automatic modulation recognition (AMR) plays an important role in cognitive radio and electronic reconnaissance applications. In order to solve the problem that the lack of modulation signal data sets, the labeled data sets are generated by the software radio equipment NI-USRP 2920 and LabVIEW software development tool. In this paper, a combined network based on deep learning is proposed to identify ten types of digital modulation signals. Convolutional neural network (CNN) and Inception network are trained on different data sets, respectively. We combine CNN with Inception network to distinguish different modulation signals well. Experimental results show that our proposed method can recognize ten types of digital modulation signals with high identification accuracy, even in scenarios with a low signal-to-noise ratio (SNR).

With the emergence and development of quantum computers, the traditional public-key cryptography (PKC) is facing the risk of being cracked. In order to resist quantum attacks and ensure long-term communication security, NIST launched a global collection of Post Quantum Cryptography (PQC) standards in 2016, and it is currently in the third round of selection. There are three Lattice-based PKC algorithms that stand out, and NTRU is one of them. In this article, we proposed the first complete and compact full hardware implementation of NTRU algorithm submitted in the third round. By using one structure to complete the design of the three types of complex polynomial multiplications in the algorithm, we achieved better performance while reducing area costs.

Quick response (QR) codes are currently used ubiq-uitously. Their interaction protocol design is initially unsecured. It forces users to scan QR codes, which makes it harder to differentiate a genuine code from a malicious one. Intruders can change the original QR code and make it fake, which can lead to phishing websites that collect sensitive data. The interaction model can be improved and made more secure by adding some modifications to the backend side of the application. This paper addresses the vulnerabilities of QR codes and recommends improvements in security design. Furthermore, two state-of-the-art algorithms, Digital Signature (DS) and Elliptic Curve Digital Signature (ECDS), are analytically compared to determine their strengths in QR code security.

In recent years, the Internet-of-Things (IoT)-based traffic management system (ITMS) has attracted the attention of researchers from different fields, such as the automotive industry, academia and traffic management, due to its ability to enhance road safety and improve traffic efficiency. ITMS uses the Vehicle Ad-hoc Network (VANET) to communicate messages about traffic conditions or the event on the route to ensure the safety of the commuter. ITMS uses wireless communication technology for communication between different devices. Wireless communication has challenges to privacy and security. Challenges such as confidentiality, authentication, integrity, non-repudiation, identity, trust are major concerns of either security or privacy or both. This paper discusses the features of the traffic system, the features of the traffic management system (TMS) and the features of IoT that can be used in TMS with its challenges. Further, this paper analyses the work done in the last few years with the future scope of IoT in the TMS.

Cryptography is the science of encryption and decryption of data using the techniques of mathematics to achieve secure communication. This enables the user to send the data in an insecure channel. These channels are usually vulnerable to security attacks due to the data that they possess. A lot of work is being done these days to protect data and data communication. Hence securing them is the utmost concern. In recent times a lot of researchers have come up with different cryptographic techniques to protect the data over the network. One such technique used is DNA cryptography. The proposed approach employs a DNA sequencing-based encoding and decoding mechanism. The data is secured over the network using a secure authentication and key agreement procedure. A significant amount of work is done to show how DNA cryptography is secure when compared to other forms of cryptography techniques over the network.

Vulnerability analysis is an integral part of an overall security program. Through identifying known security flaws and weaknesses, vulnerability identification tools help security practitioners to remediate the existing vulnerabilities on the networks. Thus, it is crucial that the results of such tools are complete, accurate, timely and they produce vulnerability results with minimum or no side-effects on the networks. To achieve these goals, Active Vulnerability Scanning (AVS) or Passive Vulnerability Detection (PVD) approaches can be used by network-based vulnerability scanners. In this work, we evaluate these two approaches with respect to efficiency and effectiveness. For the effectiveness analysis, we compare these two approaches empirically on a test environment and evaluate their outcomes. According to total amount of accuracy and precision, the PVD results are higher than AVS. As a result of our analysis, we conclude that PVD returns more complete and accurate results with considerably shorter scanning periods and with no side-effects on networks, compared to the AVS.

Binary Edwards curves (BEC) over finite fields can be used as an additive cyclic elliptic curve group to enable elliptic curve cryptography (ECC), where the most time consuming is scalar multiplication. This operation is computed by means of the group operation, either point addition or point doubling. The most notorious property of these curves is that their group operation is complete, which mitigates the need to verify for special cases. Different formulae for the group operation in BECs have been reported in the literature. Of particular interest are those designed to work with the differential properties of the Montgomery ladder, which offer constant time computation of the scalar multiplication as well as reduced field operations count. In this work, we review and compare the complexity of BEC differential addition and doubling in terms of field operations. We also provide software implementations of scalar multiplications which employ these formulae under a fair scenario. Our work provides insights on the advantages of using BECs in ECC. Our study of the different formulae for group addition in BEC also showcases the advantages and limitations of the different design strategies employed in each case.

The core looseness fault is an important part of transformer fault. The state of the core can be obtained by analyzing the vibration signal. Vibration analysis method has been used in transformer condition monitoring and fault diagnosis for many years, while different methods produce different results. In order to select the correct method in engineering application, five kinds of joint time-frequency analysis methods, such as short-time Fourier transform, Wigner-Ville distribution, S transform, wavelet transform and empirical mode decomposition are compared, and the advantages and disadvantages of these methods for dealing with the vibration signal of transformer core are analyzed in this paper. It indicates that wavelet transform and empirical mode decomposition have more advantages in the diagnosis of core looseness fault. The conclusions have referential significance for the diagnosis of transformer faults in engineering.

Recent controlled-channel attacks exploit timing differences in the rudimentary fetch-decode-execute logic of processors. These new attacks also pose a threat to software on embedded systems. Even when Trusted Execution Environments (TEEs) are used, interrupt latency attacks allow untrusted code to extract application secrets from a vulnerable enclave by scheduling interruption of the enclave. Constant-time programming is effective against these attacks but, as we explain in this paper, can come with some disadvantages regarding performance. To deal with this new threat, we propose a novel algorithm that hardens programs during compilation by aligning the execution time of corresponding instructions in secret-dependent branches. Our results show that, on a class of embedded systems with deterministic execution times, this approach eliminates interrupt latency side-channel leaks and mitigates limitations of constant-time programming. We have implemented our approach in the LLVM compiler infrastructure for the San-cus TEE, which extends the openMSP430 microcontroller, and we discuss applicability to other architectures. We make our implementation and benchmarks available for further research.

With the rapid growth of Internet of Things (IoT) network intrusion attacks, there is a critical need for sophisticated and comprehensive intrusion detection systems (IDSs). Classifying infrequent intrusion types such as root-to-local (R2L) and user-to-root (U2R) attacks is a reoccurring problem for IDSs. In this study, various data sampling and class balancing techniques-Generative Adversarial Network (GAN)-based oversampling, k-nearest-neighbor (kNN) oversampling, NearMiss-1 undersampling, and class weights-were used to resolve the severe class imbalance affecting U2R and R2L attacks in the NSL-KDD intrusion detection dataset. Artificial Neural Networks (ANNs) were trained on the adjusted datasets, and their performances were evaluated with a multitude of classification metrics. Here, we show that using no data sampling technique (baseline), GAN-based oversampling, and NearMiss-l undersampling, all with class weights, displayed high performances in identifying R2L and U2R attacks. Of these, the baseline with class weights had the highest overall performance with an F1-score of 0.11 and 0.22 for the identification of U2R and R2L attacks, respectively.

Dew Computing (DC) is a comparatively modern field with a wide range of applications. By examining how technological advances such as fog, edge and Dew computing, and distributed intelligence force us to reconsider traditional Cloud Computing (CC) to serve the Internet of Things. A new dew estimation theory is presented in this article. The revised definition is as follows: DC is a software and hardware cloud-based company. On-premises servers provide autonomy and collaborate with cloud networks. Dew Calculation aims to enhance the capabilities of on-premises and cloud-based applications. These categories can result in the development of new applications. In the world, there has been rapid growth in Information and Communication Technology (ICT), starting with Grid Computing (GC), CC, Fog Computing (FC), and the latest Edge Computing (EC) technology. DC technologies, infrastructure, and applications are described. We’ll go through the newest developments in fog networking, QoE, cloud at the edge, platforms, security, and privacy. The dew-cloud architecture is an option concerning the current client-server architecture, where two servers are located at opposite ends. In the absence of an Internet connection, a dew server helps users browse and track their details. Data are primarily stored as a local copy on the dew server that starts the Internet and is synchronized with the cloud master copy. The local dew pages, a local online version of the current website, can be browsed, read, written, or added to the users. Mapping between different Local Dew sites has been made possible using the dew domain name scheme and dew domain redirection.

Vehicle Ad-hoc Networks (VANETs) have recently become an active research area. This is because of its important applications in the transportation field in which vehicles have severe position during activities of daily living in persons. In this paper, the basic background of the VANET from the Intelligent Transportation System (ITS), Mobile Ad-hoc Networks (MANETs), VANET standard and VANET characteristics are discussed. Second, the architecture from components and communications of the system are presented. Then, the critical challenges and future perspectives in this field are comprehensively reviewed. This paper could serve as a guide and reference in the design and development of any new techniques for VANETs. Moreover, this paper may help researchers and developers in the selection of the main features of VANET for their goals in one single document.

Testing or defending the security of a large network can be challenging because of the sheer number of potential ingress points that need to be investigated and evaluated for vulnerabilities. In short, manual security testing and analysis do not easily scale to large networks. While it has been shown that clustering can simplify the problem somewhat, the data structures and formats returned by the latest network mapping tools are not conducive to clustering algorithms. In this paper we introduce a hybrid similarity algorithm to compute the distance between two network services and then use those calculations to support a clustering algorithm designed to compress a large network attack surface by orders of magnitude. Doing so allows for new testing strategies that incorporate outlier detection and smart consolidation of test cases to improve accuracy and timeliness of testing. We conclude by presenting two case studies using an organization's network attack surface data to demonstrate the effectiveness of this approach.

We investigate a compressive sampling (CS) stepped frequency ground penetrating radar for detection of underground objects, which uses Bayesian estimation and a probabilistic model for the target support. Due to the underground targets being sparse, the B-scan is a sparse image. Using the CS principle, the stepped frequency radar is implemented using a subset of random frequencies at each antenna position. For image reconstruction we use Markov Chain and Markov Random Field models for the target support in the B-scan, where we also estimate the model parameters using the Expectation Maximization algorithm. The approach is tested using Web radar data obtained by measuring the signal responses scattered off land mine targets in a laboratory experimental setup. Our approach results in improved performance compared to the standard denoising algorithm for image reconstruction.

Over the past decade, an infotelecommunication technology has made significant strides forward. With the advent of new generation wireless networks and the massive digitalization of industries, the object of protection has changed. The digital transformation has led to an increased opportunity for cybercriminals. The ability of computational intelligence to quickly process large amounts of data makes the intrusions tailored to specific environments. Polymorphic attacks that have mutations in their sequences of acts adapt to the communication environments, operating systems and service frameworks, and also try to deceive the defense tools. The poor protection of most Internet of Things devices allows the attackers to take control over them creating the megabotnets. In this regard, traditional methods of network protection become rigid and low-effective. The paper reviews a computational intelligence (CI) enabled software- defined network (SDN) for the network management, providing dynamic network reconfiguration to improve network performance and security control. Advanced machine learning and artificial neural networks are promising in detection of false data injections. Bioinformatics methods make it possible to detect polymorphic attacks. Swarm intelligence detects dynamic routing anomalies. Quantum machine learning is effective at processing the large volumes of security-relevant datasets. The CI technology stack provides a comprehensive protection against a variative cyberthreats scope.

This paper presents conceptual modelling of the criticality of critical infrastructure (CI) nth order dependency effect using neural networks. Incidentally, critical infrastructures are usually not stand-alone, they are mostly interconnected in some way thereby creating a complex network of infrastructures that depend on each other. The relationships between these infrastructures can be either unidirectional or bidirectional with possible cascading or escalating effect. Moreover, the dependency relationships can take an nth order, meaning that a failure or disruption in one infrastructure can cascade to nth interconnected infrastructure. The nth-order dependency and criticality problems depict a sequential characteristic, which can result in chronological cyber effects. Consequently, quantifying the criticality of infrastructure demands that the impact of its failure or disruption on other interconnected infrastructures be measured effectively. To understand the complex relational behaviour of nth order relationships between infrastructures, we model the behaviour of nth order dependency using Neural Network (NN) to analyse the degree of dependency and criticality of the dependent infrastructure. The outcome, which is to quantify the Criticality Index Factor (CIF) of a particular infrastructure as a measure of its risk factor can facilitate a collective response in the event of failure or disruption. Using our novel NN approach, a comparative view of CIFs of infrastructures or organisations can provide an efficient mechanism for Critical Information Infrastructure Protection and resilience (CIIPR) in a more coordinated and harmonised way nationally. Our model demonstrates the capability to measure and establish the degree of dependency (or interdependency) and criticality of CIs as a criterion for a proactive CIIPR.