Biblio

The main aim of this report is to find how data security can be improved in a cloud environment using the remote data auditing technique. The research analysis of the existing journal articles that are peer-reviewed Q1 level of articles is selected to perform the analysis.The main taxonomy that is proposed in this project is being data, auditing, monitoring, and output i.e., DAMO taxonomy that is used and includes these components. The data component would include the type of data; the auditing would ensure the algorithm that would be used at the backend and the storage would include the type of database as single or the distributed server in which the data would be stored.As a result of this research, it would help understand how the data can be ensured to have the required level of privacy and security when the third-party database vendors would be used by the organizations to maintain their data. Since most of the organizations are looking to reduce their burden of the local level of data storage and to reduce the maintenance by the outsourcing of the cloud there are still many issues that occur when there comes the time to check if the data is accurate or not and to see if the data is stored with resilience. In such a case, there is a need to use the Remote Data Auditing techniques that are quite helpful to ensure that the data which is outsourced is reliable and maintained with integrity when the information is stored in the single or the distributed servers.

5G improves previous generations not only in terms of radio access but the whole infrastructure and services paradigm. Automation, dynamism and orchestration are now key features that allow modifying network behaviour, such as Virtual Network Functions (VNFs), and resource allocation reactively and on demand. However, such dynamic ecosystem must pay special attention to security while ensuring that the system actions are trustworthy and reliable. To this aim, this paper introduces the integration of the Manufacturer Usage Description (MUD) standard alongside a Trust and Reputation Manager (TRM) into the INSPIRE-5GPlus framework, enforcing security properties defined by MUD files while the whole infrastructure, virtual and physical, as well as security metrics are continuously audited to compute trust and reputation values. These values are later fed to enhance trustworthiness on the zero-touch decision making such as the ones orchestrating end-to-end security in a closed-loop.

In recent years, the underwater sensor network has emerged as a promising solution for a wide range of marine applications. The underwater wireless sensors are usually designed to operate in open water, where eavesdropping can be a serious issue. Existing work either utilizes cryptography that is computationally intensive or requires expensive hardware. In this paper, we present a coordinated multi-point transmission based protocol to improve network security. The proposed protocol dynamically pairs sensors for coordinated communications to undermine the eavesdroppers’ capability. Our preliminary results indicate that the underwater sensor network security can be enhanced using the proposed method, especially in applications where cryptography or special hardware are not suitable.

Over past years, the high demand to efficiently process deep learning (DL) models has driven the market of the chip design companies. However, the new Deep Chip architectures, a common term to refer to DL hardware accelerator, have slightly paid attention to the security requirements in quantized neural networks (QNNs), while the black/white -box adversarial attacks can jeopardize the integrity of the inference accelerator. Therefore in this paper, a comprehensive study of the resiliency of QNN topologies to black-box attacks is examined. Herein, different attack scenarios are performed on an FPGA-processor co-design, and the collected results are extensively analyzed to give an estimation of the impact’s degree of different types of attacks on the QNN topology. To be specific, we evaluated the sensitivity of the QNN accelerator to a range number of bit-flip attacks (BFAs) that might occur in the operational lifetime of the device. The BFAs are injected at uniformly distributed times either across the entire QNN or per individual layer during the image classification. The acquired results are utilized to build the entropy-based model that can be leveraged to construct resilient QNN architectures to bit-flip attacks.

Ternary content addressable memories (TCAMs) widely utilized in network systems to enforce the labeling of packets. For example, they are used for packet forwarding, security, and software-defined networks (SDNs). TCAMs are typically deployed as standalone instruments or as an embedded intellectual property component on application-specific integrated circuits. However, field-programmable gate arrays (FPGAs) do not have TCAM bases. However, FPGAs’ versatility allows them to appeal for SDN deployment, and most FPGA vendors have SDN production kits. Those need to help TCAM features and then simulate TCAMs using the FPGA logic blocks. Several methods to reproduction TCAMs on FPGAs have been introduced in recent years. Some of them use a huge multiple storage blocks within modern FPGAs to incorporate TCAMs. A trouble while remembrances are that soft errors that corrupt stored bits can affect them. Memories may be covered by a parity test to identify errors or by an error correction code, although this involves extra bits in a word frame. This brief considers memory security used to simulate TCAMs. It is shown in particular that by leveraging the assumption its part of potential memory information is true, most single-bit errors can be resolved when memoirs are emulated with a parity bit.

Drone based applications have progressed significantly in recent years across many industries, including agriculture. This paper proposes a sporadically connected cyber-physical system for assisting winemakers and minimizing the travel time to remote and poorly connected infrastructures. A set of representative diseases and conditions, which will be monitored by land-bound sensors in combination with multispectral images, is identified. To collect accurate data, a trustworthy and secured communication of the drone with the sensors and the base station should be established. We propose to use an Internet of Things framework for establishing a chain of trust by securely onboarding drones, sensors and base station, and providing self-adaptation support for the use case. Furthermore, we perform a security analysis of the use case for identifying potential threats and security controls that should be in place for mitigating them.

Storing information in Blockchain has become in vogue in the Technical and Communication Industry with many major players jumping into the bandwagon. Two of the most prominent enablers for Blockchain are “Proof of Work” and “Proof of Stake”. Proof of work includes the members solving the complex problem without having a particular need for the solution (except as evidence, of course), which absorbs a large number of resources in turn. The proof of stake doesn’t require as many resources to enable Blockchain secure information store. Both methodologies have their advantages and their shortcomings. The article attempts to review the current literature and collate the results of the study to measure the performance of both the methodologies and to arrive at a consensus regarding either or both methodologies to implement Blockchain to store data. Post reviewing the performance aspects and security features of both Proofs of Stake and Proof of Work the reviewer attempts to arrive at a secure and better performing blended Blockchain methodology that has wide industry practical application.

Application programming interfaces (APIs) are a vital part of every online business. APIs are responsible for transferring data across systems within a company or to the users through the web or mobile applications. Security is a concern for any public-facing application. The objective of this study is to analyze incoming requests to a target API and flag any malicious activity. This paper proposes a solution using sequence models to identify whether or not an API request has SQL, XML, JSON, and other types of malicious injections. We also propose a novel heuristic procedure that minimizes the number of false positives. False positives are the valid API requests that are misclassified as malicious by the model.

Security of data and information in servers connected to networks that provide services to user computers, is the most important thing to maintain data privacy and security in network security management mechanisms. Weaknesses in the server security system can be exploited by intruders to disrupt the security of the server. One way to maintain server security is to implement an intrusion detection system using the Intrusion Detection System. This research is experimenting to create a security system prototype, monitoring, and evaluating server security systems using Snort and alert notifications that can improve security monitoring for server security. The system can detect intrusion attacks and provide warning messages and attack information through the Intrusion Detection System monitoring system. The results show that snort and alert notifications on the security server can work well, efficiently, and can be handled quickly. Testing attacks with Secure Shell Protocol and File Transfer Protocol Brute Force, Ping of Death and scanning port attacks requires a detection time of no more than one second, and all detection test results are detected and send real-time notification alerts to the Administrator.

Nowadays , cloud -based technology has been enlarged depends on the human necessities in the world. A lot of technologies is discovered that serve the people in different ways of cloud -based security and best resource allocation. Cloud-based technology is the essential factor to the resources like hardware, software for effective resource utilization . The securing applications enabled security mechanism enables the vital role for cloud -based web security through the secured password. The violation of data by the unauthorized access of users concerns many web developers and application owners . Web security enables the cloud-based password management system that illustrates the data storage and the web passwords access through the "Cloud framework". Web security, End-to-end passwords , and all the browser -based passwords could belong to the analysis of web security . The aim is to enhance system security. Thus, sensitive data are sustained with security and privacy . In this paper , the proposed Password Management via cloud-based web security gets to attain . An efficient Double Layer Password Encryption (DLPE ) algorithm to enable the secured password management system . Text -based passwords continue to be the most popular method of online user identification . They safeguard internet accounts with important assets against harmful attempts on passwords. The security of passwords is dependent on the development of strong passwords and keeping them from being stolen by intruders . The proposed DLPE algorithm perceived the double - layer encryption system as an effective security concern. When the data user accesses the user Login , the OTP generates via mail /SMS , and the original message is encrypted using public key generation. Then the text of data gets doubly encrypted through the cloud framework . The private key is used to decipher the cipher text . If the OTP gets matched , the text is to be decrypted over the text data . When double encryption happens , the detection of data flaws, malicious attacks , application hackers gets reduced and the strong password enabled double-layer encryption attained the secured data access without any malicious attackers . The data integrity , confidentiality enabled password management . The ability to manage a distributed systems policy like the Double Layer Password encryption technique enables password verification for the data used to highly secure the data or information.

Numerous measurement researches have been performed to discover the IPv4 network security issues by leveraging the fast Internet-wide scanning techniques. However, IPv6 brings the 128-bit address space and renders brute-force network scanning impractical. Although significant efforts have been dedicated to enumerating active IPv6 hosts, limited by technique efficiency and probing accuracy, large-scale empirical measurement studies under the increasing IPv6 networks are infeasible now. To fill this research gap, by leveraging the extensively adopted IPv6 address allocation strategy, we propose a novel IPv6 network periphery discovery approach. Specifically, XMap, a fast network scanner, is developed to find the periphery, such as a home router. We evaluate it on twelve prominent Internet service providers and harvest 52M active peripheries. Grounded on these found devices, we explore IPv6 network risks of the unintended exposed security services and the flawed traffic routing strategies. First, we demonstrate the unintended exposed security services in IPv6 networks, such as DNS, and HTTP, have become emerging security risks by analyzing 4.7M peripheries. Second, by inspecting the periphery's packet routing strategies, we present the flawed implementations of IPv6 routing protocol affecting 5.8M router devices. Attackers can exploit this common vulnerability to conduct effective routing loop attacks, inducing DoS to the ISP's and home routers with an amplification factor of \textbackslashtextbackslashgt 200. We responsibly disclose those issues to all involved vendors and ASes and discuss mitigation solutions. Our research results indicate that the security community should revisit IPv6 network strategies immediately.

A comparative analysis of the classical and approximation methods of spectral analysis of fast-variable processes in technical systems is carried out. It is shown that the approximation methods make it possible to substantially remove the contradiction between the requirements for spectrum smoothing and its frequency resolution. On practical examples of vibroacoustic signals, the effectiveness of approximation methods is shown. The Prony method was used to process the time series. The interactive frequency segmentation method and the direct identification method were used for approximation and frequency characteristics.

Modern Industrial Automation & Control Systems (IACS) are essential part of the critical infrastructures and services. They are used in health, power, water, and transportation systems, and the impact of cyberattacks on IACS could be severe, resulting, for example, in damage to the environment, public or employee safety or health. Thus, building IACS safe and secure against cyberattacks is extremely important. The attacker model is one of the key elements in risk assessment and other security related information system management tasks. The aim of the study is to specify the attacker's profile based on the analysis of network and system events. The paper presents an approach to the selection of attacker's profile attributes from raw network and system events of the Linux OS. To evaluate the approach the experiments were performed on data collected within the Global CPTC 2019 competition.

In this paper, we present FireBugs for Finding and Repairing Bugs based on security patterns. For the common misuse patterns of cryptography APIs (crypto APIs), we encode common cryptography rules into the pattern representations for bug detection and program repair regarding cryptography rule violations. In the evaluation, we conducted a case study to assess the bug detection capability by applying FireBugs to datasets mined from both open source and commercial projects. Also, we conducted a user study with professional software engineers at Mutual of Omaha Insurance Company to estimate the program repair capability. This evaluation showed that FireBugs can help professional engineers develop various cryptographic requirements in a resilient application.

This paper presents a management system for a fleet of autonomous mobile robots performing logistics in security-heterogeneous factories. Loading and unloading goods and parts between workstations in these dynamic environments often demands from the mobile robots to share space and resources such as corridors, interlocked security doors and elevators among themselves. This model explores a dynamic task scheduling and assignment to the robots taking into account their location, tasks previously assigned and battery levels, all the while being aware of the physical constraints of the installation. The benefits of the proposed architecture were validated through a set of experiments in a mockup of INCM's shop-floor environment. During these tests 3 robots operated continuously for several hours, self-charging without any human intervention.

Fitbit Versa is the most popular of its predecessors and successors in the Fitbit faction. Increasingly data stored on these smart fitness devices, their linked applications and cloud datacenters are being used for criminal convictions. There is limited research for investigators on wearable devices and specifically exploring evidence identification and methods of extraction. In this paper we present our analysis of Fitbit Versa using Cellebrite UFED and MSAB XRY. We present a clear scope for investigation and data significance based on the findings from our experiments. The data recovery will include logical and physical extractions using devices running Android 9 and iOS 12, comparing between Cellebrite and XRY capabilities. This paper discusses databases and datatypes that can be recovered using different extraction and analysis techniques, providing a robust outlook of data availability. We also discuss the accuracy of recorded data compared to planned test instances, verifying the accuracy of individual data types. The verifiable accuracy of some datatypes could prove useful if such data was required during the evidentiary processes of a forensic investigation.

The fifth-generation (5G) standard is the last telecommunication technology, widely considered to have the most important characteristics in the future network industry. The 5G system infrastructure contains three principle interfaces, each one follows a set of protocols defined by the 3rd Generation Partnership Project group (3GPP). For the next generation network, 3GPP specified two authentication methods systematized in two protocols namely 5G Authentication and Key Agreement (5G-AKA) and Extensible Authentication Protocol (EAP). Such protocols are provided to ensure the authentication between system entities. These two protocols are critical systems, thus their reliability and correctness must be guaranteed. In this paper, we aim to formally re-examine 5G-AKA protocol using micro Common Representation Language 2 (mCRL2) language to verify such a security protocol. The mCRL2 language and its associated toolset are formal tools used for modeling, validation, and verification of concurrent systems and protocols. In this context, the authentication protocol 5G-AKA model is built using Algebra of Communication Processes (ACP), its properties are specified using Modal mu-Calculus and the properties analysis exploits Model-Checker provided with mCRL2. Indeed, we propose a new mCRL2 model of 3GPP specification considering 5G-AKA protocol and we specify some properties that describe necessary requirements to evaluate the correctness of the protocol where the parsed properties of Deadlock Freedom, Reachability, Liveness and Safety are positively assessed.

Image edge is considered to be the most important attribute to provide valuable image perception information. At present, video image data is developing towards high resolution and high frame number. The image data processing capacity is huge, so the processing speed is very strict to meet the real-time performance of image data transmission. In this context, we present a method to accelerate the real-time video image edge detection. FPGA is used as the development platform. The real-time edge detection algorithm of image data with 1280x720 resolution and 30 frame/s, combined with median filter, Sobel edge detection algorithm and corrosion expansion algorithm, makes the running time of image processing module shorter. The color image of the video image collected by camera is processed. The HDMI interface shows that the scheme has achieved ideal results in the FPGA hardware platform simulation model, greatly improves the efficiency of the algorithm, and provides a guarantee for the speed and stability of the real-time image processing system.

This article discusses the problem of information security management in computer systems and describes the process of developing an algorithm that allows to determine measures to protect personal data. The organizational and technical measures formulated by the FSTEC are used as measures.

With the widespread adoption of Internet of Things (IoT) applications around the world, security related problems become a challenge since the number of cybercrimes that must be identified and investigated increased dramatically. The volume of data generated and handled is immense due to the increased number of IoT applications around the world. As a result, when a cybercrime happens, the volume of digital data needs to be dealt with is massive. Consequently, more effort and time are needed to handle the security issues. As a result, in digital forensics, the analysis phase is an important and challenging phase. This paper proposes a generic proactive model for the cybercrime analysis process in the Internet of Things. The model is focused on the classification of evidences in advance based on its significance and relation to past crimes, as well as the severity of the evidence in terms of the probability occurrence of a cybercrime. This model is supposed to save time and effort during the automated forensic investigation process.

With the popularity of smart devices in the power grid and the advancement of data collection technology, the amount of electricity usage data has exploded in recent years, which is beneficial for optimizing service quality and grid operation. However, current data analysis is mainly based on cloud platforms, which poses challenges to transmission bandwidth, computing resources, and transmission delays. To solve the problem, this paper proposes a graph convolution neural networks (GCNs) based edge-cloud collaborative anomaly detection model. Specifically, the time series is converted into graph data based on visibility graph model, and graph convolutional network model is adopted to classify the labeled graph data for anomaly detection. Then a model segmentation method is proposed to adaptively divide the anomaly detection model between the edge equipment and the back-end server. Experimental results show that the proposed scheme provides an effective solution to edge anomaly detection and can make full use of the computing resources of terminal equipment.

This article considers the group consistency of second-order MAS with directly connected spanning tree communication topology. Because the MAS is divided into several groups, we proposed a group consistency control method based on intermittent control, and the range of parameters is given when the system achieves consensus. The protocol can realize periodic control and reduce the working hours of the controller in period. Furthermore, the group consistency of MAS is turn to the stability analysis of error, and a group consistency protocol of MAS with time-delays is designed. Finally, two examples are used for verify the theory.

The availability of number of open-source hacking tools over the internet and many hacking tools in-built with the Kali Linux operating system led to easy understanding and performing hacking by individuals. Even though, hacking the Wi-Fi passwords is considered a tedious task with open-source tools, they can be hacked easily with phishing. Phishing involves tricking the users with malicious emails and obtaining sensitive information from them. This paper describes the different wireless security protocols and tools for hacking wireless networks. A python script is developed which can be sent as phishing to get all the SSID's and passwords to which the system has been connected. The script has been executed and the results are presented.

In recent years, with the rapid update of wireless communication technologies such as 5G and the Internet of Things, as well as the explosive growth of wireless intelligent devices, people's demand for radio spectrum resources is increasing, which leads spectrum scarcity is becoming more serious. To address the scarcity of spectrum, the Internet of Things based on cognitive radio (CR-IoT) has become an effective technique to enable IoT devices to reuse the spectrum that has been fully utilized. The frequency band information is transmitted through wireless communication in the CR-IoT network, so the node is easily to be eavesdropped or tampered with by attackers in the process of transmitting data, which leads to information leakage and wrong perception results. To deal with the security problem of channel data transmission, this paper proposes a chaotic compressed spectrum sensing algorithm. In this algorithm, the chaotic parameter package is utilized to generate the measurement matrix, which makes good use of the sensitivity of the initial value of chaotic system to improve the transmission security. And the introduction of the semi-tensor theory significantly reduces the dimension of the matrix that the secondary user needs to store. In addition, the semi-tensor compressed sensing is used in the fusion center for parallel reconstruction process, which effectively reduces the sensing time delay. The simulation results show that the chaotic compressed spectrum sensing algorithm can achieve faster, high-quality, and low-energy channel energy transmission.

As a decoy for hackers, honeypots have been proved to be a very valuable tool for collecting real data. However, due to closed source and vendor-specific firmware, there are significant limitations in cost for researchers to design an easy-to-use and high-interaction honeypot for industrial control systems (ICSs). To solve this problem, it’s necessary to find a cost-effective solution. In this paper, we propose a novel honeypot architecture termed HoneyVP to support a semi-virtual and semi-physical honeypot design and implementation to enable high cost performance. Specially, we first analyze cyber-attacks on ICS devices in view of different interaction levels. Then, in order to deal with these attacks, our HoneyVP architecture clearly defines three basic independent and cooperative components, namely, the virtual component, the physical component, and the coordinator. Finally, a local-remote cooperative ICS honeypot system is implemented to validate its feasibility and effectiveness. Our experimental results show the advantages of using the proposed architecture compared with the previous honeypot solutions. HoneyVP provides a cost-effective solution for ICS security researchers, making ICS honeypots more attractive and making it possible to capture physical interactions.