Biblio

Attack surface detection for the complex software is needed to find targets for the fuzzing, because testing the whole system with many inputs is not realistic. Researchers that previously applied taint analysis for dealing with different security tasks in the virtual machines did not examined how to apply it for attack surface detection. I.e., getting the program modules and functions, that may be affected by input data. We propose using taint tracking within a virtual machine and virtual machine introspection to create a new approach that can detect the internal module interfaces that can be fuzz tested to assure that software is safe or find the vulnerabilities.

Software Defined Networking (SDN) has changed the way of designing and managing networks through programmability. However, programmability also introduces security threats. In this work we address the issue of malicious hosts running malicious applications that bypass the standard SDN based detection mechanisms. The SDN security system we are proposing periodically monitors the system calls utilization of the different SDN applications installed, learns from past system behavior using machine learning classifiers, and thus accurately detects the existence of an unusual activity or a malicious application.

In present scenario features like low-cost, power-efficientand easy-to-implement Wireless Sensor Networks (WSN’s) has become one of growing prospects.though, its security issues have become a popular topic of research nowadays. Specific attacks often experience the security issues as they easily combined with other attacks to destroy the network. In this paper, we discuss about detecting the particular attacks like Sybil, Black-holeand Denial of Service (DoS) attacks on WSNs. These networks are more vulnerable to them. We attempt to investigate the security measures and the applicability of the AODV protocol to detect and manage specific types of network attacks in VANET.The RSA algorithm is proposed here, as it is capable of detecting sensor nodes ormessages transmitted from sensor nodes to the base station and prevents network from being attacked by the source node. It also improves the security mechanism of the AODV protocol. This simulation set up is performed using MATLAB simulation tool

Cross-site scripting (XSS) attack is a kind of code injection that allows an attacker to inject malicious scripts code into a trusted web application. When a user tries to request the injected web page, he is not aware that the malicious script code might be affecting his computer. Nowadays, attackers are targeting the web applications that holding a sensitive data (e.g., bank transaction, e-mails, healthcare, and e-banking) to steal users' information and gain full access to the data which make the web applications to be more vulnerable. In this research, we applied three approaches to find a solution to this most challenging attacks issues. In the first approach, we implemented Random Forest (RF), Logistic Regression (LR), k-Nearest Neighbors (k-NN), and Support Vector Machine (SVM) algorithms to discover and classify XSS attack. In the second approach, we implemented the Content Security Policy (CSP) approach to detect XSS attacks in real-time. In the last approach, we propose a new approach that combines the Web Application Firewall (WAF), Intrusion Detection System (IDS), and Intrusion Prevention System (IPS) to detect and prevent XSS attack in real-time. Our experiment results demonstrated the high performance of AI algorithms. The CSP approach shows the results for the detection system report in real-time. In the third approach, we got more expected system results that make our third model system a more powerful tool to address this research problem than the other two approaches.

Ensuring the network security, resists the malicious traffic attacks as much as possible, and ensuring the network security, the Gated Recurrent Unit (GRU) and Convolutional Neural Network (CNN) are combined. Then, a Software Defined Networking (SDN) anomaly detection architecture is built and continuously optimized to ensure network security as much as possible and enhance the reliability of the detection architecture. The results show that the proposed network architecture can greatly improve the accuracy of detection, and its performance will be different due to the different number of CNN layers. When the two-layer CNN structure is selected, its performance is the best among all algorithms. Especially, the accuracy of GRU- CNN-2 is 98.7%, which verifies that the proposed method is effective. Therefore, under deep learning, the utilization of GRU- CNN to explore and optimize the SDN anomaly detection is of great significance to ensure information transmission security in the future.

Information Security is a unified piece of information technology that has emerged as vibrant technology in the last two decades. To manage security, authentication assumes a significant part. Biometric is the physical unique identification as well as authentication for the third party. We have proposed the security model for preventing many attacks so we are used the innermost layer as a 3DES (Triple Encryption standard) cryptography algorithm that is providing 3- key protection as 64-bit and the outermost layer used the MD5 (Message Digest) algorithm. i. e. providing 128-bit protection as well as we is using fingerprint identification as physical security that is used in third-party remote integrity auditing. Remote data integrity auditing is proposed to ensure the uprightness of the information put away in the cloud. Data Storage of cloud services has expanded paces of acknowledgment because of their adaptability and the worry of the security and privacy levels. The large number of integrity and security issues that arise depends on the difference between the customer and the service provider in the sense of an external auditor. The remote data integrity auditing is at this point prepared to be viably executed. In the meantime, the proposed scheme is depending on identity-based cryptography, which works on the convoluted testament of the executives. The safety investigation and the exhibition assessment show that the planned property is safe and productive.

The transportation system is becoming tremendously important in today's human activities and the number of urban vehicles grows rapidly. The vehicle theft also has become a shared concern for all vehicle owners. However, the present anti-theft system which maybe high reliable, lack of proper mechanism for preventing theft before it happens. This work proposes the internet of things based smart vehicle security staring system; efficient security provided to the vehicle owners relies on securing car ignition system by using a developed android application running on smart phone connected to the designed system installed in vehicle. With this system it is non- viable to access the vehicle's functional system in case the ignition key has been stolen or lost. It gives the drivers the ability to stay connected with their vehicle. Whenever the ignition key is stolen or lost, it is impossible to start the vehicle as the ignition system is still locked on the vehicle start and only the authorized person will be able to start the vehicle at convenient time with the combination of ignition key and smart phone application. This study proposes to design the system that uses node MCU, Bluetooth low energy (BLE), transistors, power relays and android smartphone in system testing. In addition, it is cost effective and once installed in the vehicle there is no more cost of maintenance.

Internet of Things (IoT) devices have rooted themselves in the everyday life of billions of people. Thus, researchers have applied automated bug finding techniques to improve their overall security. However, due to the difficulties in extracting and emulating custom firmware, black-box fuzzing is often the only viable analysis option. Unfortunately, this solution mostly produces invalid inputs, which are quickly discarded by the targeted IoT device and do not penetrate its code. Another proposed approach is to leverage the companion app (i.e., the mobile app typically used to control an IoT device) to generate well-structured fuzzing inputs. Unfortunately, the existing solutions produce fuzzing inputs that are constrained by app-side validation code, thus significantly limiting the range of discovered vulnerabilities.In this paper, we propose a novel approach that overcomes these limitations. Our key observation is that there exist functions inside the companion app that can be used to generate optimal (i.e., valid yet under-constrained) fuzzing inputs. Such functions, which we call fuzzing triggers, are executed before any data-transforming functions (e.g., network serialization), but after the input validation code. Consequently, they generate inputs that are not constrained by app-side sanitization code, and, at the same time, are not discarded by the analyzed IoT device due to their invalid format. We design and develop Diane, a tool that combines static and dynamic analysis to find fuzzing triggers in Android companion apps, and then uses them to fuzz IoT devices automatically. We use Diane to analyze 11 popular IoT devices, and identify 11 bugs, 9 of which are zero days. Our results also show that without using fuzzing triggers, it is not possible to generate bug-triggering inputs for many devices.

In recent years we can observe that digital forensics is being applied to a variety of domains as nearly any data can become valuable forensic evidence. The sheer scope of web-based investigations provides a vast amount of information. Due to a rapid increase in the number of cybercrimes the importance of application-specific forensics is greater than ever. Criminals use the application not only to communicate but also to facilitate crimes. It came to our attention that the gaming chat application Discord is one of them. Discord allows its users to send text messages as well as exchange image, video, and audio files. While Discord's community is not as large as that of the most popular messaging apps the stable growth of its userbase and recent incidents indicate that it is used by criminals. This paper presents our research into the digital forensic analysis of Discord client-side artefacts and presents experimental development of a tool for extraction, analysis, and presentation of the data from Discord application. The work then proposes a solution in form of a tool, `DiscFor', that can retrieve information from the application's local files and cache storage.

Point-of-care diagnostics are a key technology for various safety-critical applications from providing diagnostics in developing countries lacking adequate medical infrastructure to fight infectious diseases to screening procedures for border protection. Digital microfluidics biochips are an emerging technology that are increasingly being evaluated as a viable platform for rapid diagnosis and point-of-care field deployment. In such a technology, processing errors are inherent. Cyber-physical digital biochips offer higher reliability through the inclusion of automated error recovery mechanisms that can reconfigure operations performed on the electrode array. Recent research has begun to explore security vulnerabilities of digital microfluidic systems. This paper expands previous work that exploits vulnerabilities due to implicit trust in the error recovery mechanism. In this work, a discriminative data mining approach is introduced to identify frequent bioassay operations that can be cyber-physically attested for runtime security protection.

The envisioned massive deployment of network slices in 5G and beyond mobile systems makes the shift towards zero-touch, scalable and secure slice lifecycle management a necessity. This is to harvest the benefits of network slicing in enabling profitable services. These benefits will not be attained without ensuring a high level security of the created network slices and the underlying infrastructure, above all in a zero-touch automated fashion. In this vein, this paper presents the architecture of an innovative network slicing security orchestration framework, being developed within the EU H2020 MonB5G project. The framework leverages the potential of Security as a Service (SECaaS) and Artificial Intelligence (AI) to foster fully-distributed, autonomic and fine-grained management of network slicing security from the node level to the end-to-end and inter-slice levels.

End users consider the data available through web as unmodified. Even when the web is secured by HTTPS, the data can be tampered in numerous tactical ways reducing trust on the integrity of data at the clients' end. One of the ways in which the web pages can be modified is via client side browser extensions. The extensions can transparently modify the web pages at client's end and can include new data to the web pages with minimal permissions. Clever modifications can be addition of a fake news or a fake advertisement or a link to a phishing website. We have identified through experimentation that such attacks are possible and have potential for serious damages. To prevent and detect such modifications we present a novel domain expressiveness based approach that uses DNS (Domain Name System) TXT records to express the Hash of important web pages that gets verified by the browsers to detect/thwart any modifications to the contents that are launched via client side malicious browser extensions or via cross site scripting. Initial experimentation suggest that the technique has potential to be used and deployed.

We analyze partner health apps compatible with the Fitbit fitness tracker, and record what third parties they are talking to. We focus on the ten partner Android applications that have more than 50,000 downloads and are fitness-related. Our results show that most of the them contact “unexpected” third parties. Such third parties include social networks; analytics and advertisement services; weather APIs. We also investigate what information is shared by the partner apps with these unexpected entities. Our findings suggest that in many cases personal information of users might be shared, including the phone model; location and SIM carrier; email and connection history.

Consider the identification (ID) via channels problem, where a receiver wants to decide whether the transmitted identifier is its identifier, rather than decoding the identifier. This model allows to transmit identifiers whose size scales doubly-exponentially in the blocklength, unlike common transmission (or channel) codes whose size scales exponentially. It suffices to use binary constant-weight codes (CWCs) to achieve the ID capacity. By relating the parameters of a binary CWC to the minimum distance of a code and using higher-order correlation moments, two upper bounds on the binary CWC size are proposed. These bounds are shown to be upper bounds also on the identifier sizes for ID codes constructed by using binary CWCs. We propose two code constructions based on optical orthogonal codes, which are used in optical multiple access schemes, have constant-weight codewords, and satisfy cyclic cross-correlation and autocorrelation constraints. These constructions are modified and concatenated with outer Reed-Solomon codes to propose new binary CWCs optimal for ID. Improvements to the finite-parameter performance of both our and existing code constructions are shown by using outer codes with larger minimum distance vs. blocklength ratios. We also illustrate ID performance regimes for which our ID code constructions perform significantly better than existing constructions.

Cyber ranges are valuable assets but have limitations in simulating complex realities and multi-sector dependencies; to address this, federated cyber ranges are emerging. This work presents the ECHO Federated Cyber Range, a marketplace for cyber range services, that establishes a mechanism by which independent cyber range capabilities can be interconnected and accessed via a convenient portal. This allows for more complex and complete emulations, spanning potentially multiple sectors and complex exercises. Moreover, it supports a semi-automated approach for processing and deploying service requests to assist customers and providers interfacing with the marketplace. Its features and architecture are described in detail, along with the design, validation and deployment of a training scenario.

Implementing the color images encryption is a challenging field of the research for IOT applications. An exponential growth in imaging cameras in IOT uses makes it critical to design the robust image security algorithms. It is also observed that performance of existing encryption methods degrades under the presence of noisy environments. This is the major concern of evaluating the encryption method in this paper. The prime concern of this paper is to design the fast efficient color images encryption algorithm by designing an efficient and robustness RSA encryption algorithm. Method takes the advantage of both preprocessing and the Gaussian pyramid (GP) approach for encryption. To improve the performance it is proposed to use the LAB color space and implement the RSA encryption on luminance (L) component using the GP domain. The median filter and image sharpening is used for preprocessing. The goal is to improve the performance under highly noisy imaging environment. The performance is compared based on the crypto weights and on the basis of visual artifacts and entropy analysis. The decrypted outputs are again converted to color image output. Using the LAB color space is expected to improve the entropy performance of the image. Result of proposed encryption method is evaluated under the different types of the noisy attacks over the color images and also performance is compared with state of art encryption methods. Significant improvement speed of the algorithm is compared in terms of the elapsed time

Industrial Control System (ICS) communication transmits monitoring and control data between industrial processes and the control station. ICS systems cover various domains of critical infrastructure such as the power plants, water and gas distribution, or aerospace traffic control. Security of ICS systems is usually implemented on the perimeter of the network using ICS enabled firewalls or Intrusion Detection Systems (IDSs). These techniques are helpful against external attacks, however, they are not able to effectively detect internal threats originating from a compromised device with malicious software. In order to mitigate or eliminate internal threats against the ICS system, we need to monitor ICS traffic and detect suspicious data transmissions that differ from common operational communication. In our research, we obtain ICS monitoring data using standardized IPFIX flows extended with meta data extracted from ICS protocol headers. Unlike other anomaly detection approaches, we focus on modelling the semantics of ICS communication obtained from the IPFIX flows that describes typical conversational patterns. This paper presents a technique for modelling ICS conversations using frequency prefix trees and Deterministic Probabilistic Automata (DPA). As demonstrated on the attack scenarios, these models are efficient to detect common cyber attacks like the command injection, packet manipulation, network scanning, or lost connection. An important advantage of our approach is that the proposed technique can be easily integrated into common security information and event management (SIEM) systems with Netflow/IPFIX support. Our experiments are performed on IEC 60870-5-104 (aka IEC 104) control communication that is widely used for the substation control in smart grids.

With the rise of Internet of Things (IoT) devices, home network management and security are becoming complex. There is an urgent requirement to make smart home network management more efficient. This work proposes an SDN-based architecture to secure smart home networks through K-Nearest Neighbor (KNN) based device classifications and malicious traffic detection. The efficiency is enhanced by offloading the computation-intensive KNN model to a Field Programmable Gate Arrays (FPGA). Furthermore, we propose a custom KNN solution that exhibits the best performance on an FPGA compared with four alternative KNN instances (i.e., 78% faster than a parallel Bubble Sort-based implementation and 99% faster than three other sorting algorithms). Moreover, with 36,225 training samples, the proposed KNN solution classifies a test query with 95% accuracy in approximately 4 ms on an FPGA compared to 57 seconds on a CPU platform. This highlights the promise of FPGA-based platforms for edge computing applications in the smart home.

Vehicular ad-hoc networks (VANETs) are one of the most stochastic networks in terms of node movement patterns. Due to the high speed of vehicles, nodes form temporary clusters and shift between clusters rapidly, which limits the usable computational complexity for quality of service (QoS) and security enhancements. Hence, VANETs are one of the most insecure networks and are prone to various attacks like Masquerading, Distributed Denial of Service (DDoS) etc. Various algorithms have been proposed to safeguard VANETs against these attacks, which vary concerning security and QoS performance. These algorithms include linear rule-checking models, software-defined network (SDN) rules, blockchain-based models, etc. Due to such a wide variety of model availability, it becomes difficult for VANET designers to select the most optimum security framework for the network deployment. To reduce the complexity of this selection, the paper reviews statistically investigate a wide variety of modern VANET-based security models. These models are compared in terms of security, computational complexity, application and cost of deployment, etc. which will assist network designers to select the most optimum models for their application. Moreover, the paper also recommends various improvements that can be applied to the reviewed models, to further optimize their performance.

Smart Contracts based cryptocurrencies such as Ethereum are becoming increasingly popular in various domains: but with this increase in popularity comes a significant decrease in throughput and efficiency. Smart Contracts are executed by every miner in the system serially without any parallelism, both inter and intra-Smart Contracts. Such a serial execution inhibits the scalability required to obtain extremely high throughput pertaining to computationally intensive tasks deployed with such Smart Contracts. While significant advancements have been made in the field of concurrency, from GPU architectures that enable massively parallel computation to tools such as MapRe-duce that distributed computing to several nodes connected in the system to achieve higher performance in distributed systems, none are incorporated in blockchain-based distributed computing. The team proposes a novel blockchain that allows public nodes in a permission-independent blockchain to deploy and run Smart Contracts that provide concurrency-related functionalities within the Smart Contract framework. In this paper, the researchers present “ConCurrency,” a blockchain network capable of handling big data-based computations. The technique is based on currently used distributed system paradigms, such as MapReduce, while also allowing for fundamental parallelly computable problems. Concurrency is achieved using a sharding protocol incorporated with consensus mechanisms to ensure high scalability, high reliability, and better efficiency. A detailed methodology and a comprehensive analysis of the proposed blockchain further indicate a significant increase in throughput for parallelly computable tasks, as detailed in this paper.

The advancement of AI enables the evolution of machines from relatively simple automation to completely autonomous systems that augment human capabilities with improved quality and productivity in work and life. The singularity is near! However, humans are still vulnerable. The COVID-19 pandemic reminds us of our limited knowledge about nature. The recent accidents involving Boeing 737 Max passengers ring the alarm again about the potential risks when using human-autonomy symbiosis technologies. A key challenge of safe and effective human-autonomy teaming is enabling “trust” between the human-machine team. It is even more challenging when we are facing insufficient data, incomplete information, indeterministic conditions, and inexhaustive solutions for uncertain actions. This calls for the imperative needs of appropriate design guidance and scientific methodologies for developing safety-critical autonomous systems and AI functions. The question is how to build and maintain a safe, effective, and trusted partnership between humans and autonomous systems. This talk discusses a context-based and interaction-centred design (ICD) approach for developing a safe and collaborative partnership between humans and technology by optimizing the interaction between human intelligence and AI. An associated trust model IMPACTS (Intention, Measurability, Performance, Adaptivity, Communications, Transparency, and Security) will also be introduced to enable the practitioners to foster an assured and calibrated trust relationship between humans and their partner autonomous systems. A real-world example of human-autonomy teaming in a military context will be explained to illustrate the utility and effectiveness of these trust enablers.

Malicious hackers breach security perimeters, cause infrastructure disruptions as well as steal proprietary information, financial data, and violate consumers' privacy. Protection of the whole organization by using the firm's security officers can be besieged with faulty warnings. Engineers must shift from console to console to put together investigative clues as a result of today's fragmented security technologies that cause frustratingly sluggish investigations. Endpoint Detection and Response (EDR) solutions adds an extra layer of protection to prevent an endpoint action into a breach. EDR is the region's foremost detection and response tool that combines endpoint and network data to recognize and respond to sophisticated threats. Offering unrivaled security and operational effectiveness, it integrates prevention, investigation, detection, and responding in a single platform. EDR provides enterprise coverage and uninterrupted defense with its continuous monitoring and response to threats. We have presented a comprehensive review of existing EDRs through various security layers that includes detection, response and management capabilities which enables security teams to have unified end-to-end corporate accessibility, powerful analytics along with additional features such as web threat scan, external device scan and automatic reaction across the whole technological tower.

Wireless Sensor Networks (WSN) are gaining popularity as being the backbone of Cyber physical systems, IOT and various data acquisition from sensors deployed in remote, inaccessible terrains have remote deployment. However due to remote deployment, WSN is an adhoc network of large number of sensors either heli-dropped in inaccessible terrain like volcanoes, Forests, border areas are highly energy deficient and available in large numbers. This makes it the right soup to become vulnerable to various kinds of Security attacks. The lack of energy and resources makes it deprived of developing a robust security code for mitigation of various kinds of attacks. Many attempts have been made to suggest a robust security Protocol. But these consume so much energy, bandwidth, processing power, memory and other resources that the sole purpose of data gathering from inaccessible terrain from energy deprived sensors gets defeated. This paper makes an attempt to study the types of attacks on different layers of WSN and the examine the recent trends in development of various security protocols to mitigate the attacks. Further, we have proposed a simple, lightweight but powerful security protocol known as Simple Sensor Security Protocol (SSSP), which captures the uniqueness of WSN and its isolation from internet to develop an energy efficient security solution.

In recent years, with the rapid development of DNN, the algorithm complexity in a series of fields such as computer vision and natural language processing is increasing rapidly. FPGA-based DNN accelerators have demonstrated superior flexibility and performance, with higher energy efficiency compared to high-performance devices such as GPU. However, the computing resources of a single FPGA are limited and it is difficult to flexibly meet the requirements of high throughput and high energy efficiency of different computing scales. Therefore, this paper proposes a DNN implementation method based on the scalable heterogeneous FPGA cluster to adapt to different tasks and achieve high throughput and energy efficiency. Firstly, the method divides a single enormous task into multiple modules and running each module on different FPGA as the pipeline structure between multiple boards. Secondly, a task deployment method based on dichotomy is proposed to maximize the balance of task execution time of different pipeline stages to improve throughput and energy efficiency. Thirdly, optimize DNN computing module according to the relationship between computing power and bandwidth, and improve energy efficiency by reducing waste of ineffective resources and improving resource utilization. The experiment results on Alexnet and VGG-16 demonstrate that we use Zynq 7035 cluster can at most achieves ×25.23 energy efficiency of optimized AMD AIO processor. Compared with previous works of single FPGA and FPGA cluster, the energy efficiency is improved by 59.5% and 18.8%, respectively.

Smart Grid is used to improve the accuracy of the grid network query. Though it gives the accuracy, it has the data privacy issues. It is a big challenge to solve the privacy issue in the smart grid. We need secured algorithms to protect the data in the smart grid, since the data is very important. This paper explains about the k-anonymous algorithm and analyzes the enhanced L-diversity algorithm for data privacy and security. The algorithm can protect the data in the smart grid is proven by the experiments.