Biblio

With the development of embedded systems towards networking and intelligence, the security threats they face are becoming more difficult to prevent. Existing protection methods make it difficult to monitor jump instructions and their target addresses for tampering by attackers at the low hardware implementation overhead and performance overhead. In this paper, a hardware-assisted security monitoring module is designed to monitor the integrity of jump instructions and jump addresses when executing programs. The proposed method has been implemented on the Xilinx Kintex-7 FPGA platform. Experiments show that this method is able to effectively monitor tampering attacks on jump instructions as well as target addresses while the embedded system is executing programs.

Dynamic memory allocators are critical components of modern systems, and developers strive to find a balance between their performance and their security. Unfortunately, vulnerable allocators are routinely abused as building blocks in complex exploitation chains. Most of the research regarding memory allocators focuses on popular and standardized heap libraries, generally used by high-end devices such as desktop systems and servers. However, dynamic memory allocators are also extensively used in embedded systems but they have not received much scrutiny from the security community.In embedded systems, a raw firmware image is often the only available piece of information, and finding heap vulnerabilities is a manual and tedious process. First of all, recognizing a memory allocator library among thousands of stripped firmware functions can quickly become a daunting task. Moreover, emulating firmware functions to test for heap vulnerabilities comes with its own set of challenges, related, but not limited, to the re-hosting problem.To fill this gap, in this paper we present HEAPSTER, a system that automatically identifies the heap library used by a monolithic firmware image, and tests its security with symbolic execution and bounded model checking. We evaluate HEAPSTER on a dataset of 20 synthetic monolithic firmware images — used as ground truth for our analyses — and also on a dataset of 799 monolithic firmware images collected in the wild and used in real-world devices. Across these datasets, our tool identified 11 different heap management library (HML) families containing a total of 48 different variations. The security testing performed by HEAPSTER found that all the identified variants are vulnerable to at least one critical heap vulnerability. The results presented in this paper show a clear pattern of poor security standards, and raise some concerns over the security of dynamic memory allocators employed by IoT devices.

With the development of network technology, identifying specific traffic has become important in network monitoring and security. However, designing feature sets that can accurately describe network traffic is still an urgent problem. Most of existing researches cannot realize effectively the identification of targets, and don't perform well in the complex and dynamic network environment. Aiming at these problems, we propose a novel method in this paper, which learns correlation features of network traffic based on the hierarchical structure. Firstly, the method learns the spatial-temporal features using convolutional neural networks (CNNs) and the bidirectional long short-term memory networks (Bi-LSTMs), then builds network topology to capture dependency characteristics between sessions and learns the context-related features through the graph attention networks (GATs). Finally, the network traffic session is classified using a fully connected network. The experimental results show that our method can effectively improve the detection ability and achieve a better classification performance overall.

False data injection cyber-attack detection models on smart grid operation have been much explored recently, considering analytical physics-based and data-driven solutions. Recently, a hybrid data-driven physics-based model framework for monitoring the smart grid is developed. However, the framework has not been implemented in real-time environment yet. In this paper, the framework of the hybrid model is developed within a real-time simulation environment. OPAL-RT real-time simulator is used to enable Hardware-in-the-Loop testing of the framework. IEEE 9-bus system is considered as a testing grid for gaining insight. The process of building the framework and the challenges faced during development are presented. The performance of the framework is investigated under various false data injection attacks.

With the rise of IoT applications, about 20.4 billion devices will be online in 2020, and that number will rise to 75 billion a month by 2025. Different sensors in IoT devices let them get and process data remotely and in real time. Sensors give them information that helps them make smart decisions and manage IoT environments well. IoT Security is one of the most important things to think about when you're developing, implementing, and deploying IoT platforms. People who use the Internet of Things (IoT) say that it allows people to communicate, monitor, and control automated devices from afar. This paper shows how to use Deep learning and machine learning to make an IDS that can be used on IoT platforms as a service. In the proposed method, a cnn mapped the features, and a random forest classifies normal and attack classes. In the end, the proposed method made a big difference in all performance parameters. Its average performance metrics have gone up 5% to 6%.

The most vital requirement for the electric power system as a critical infrastructure is its security of supply. In course of the transition of the electric energy system, however, the security provided by the N-1 principle increasingly reaches its limits. The IT/OT convergence changes the threat structure significantly. New risk factors, that can lead to major blackouts, are added to the existing ones. The problem, however, the cost of security optimizations are not always in proportion to their value. Not every component is equally critical to the energy system, so the question arises, "How secure does my system need to be?". To adress the security-by-design principle, this contribution introduces a Security Metric (SecMet) that can be applied to Smart Grid architectures and its components and deliver an indicator for the "Securitisation Need" based on an individual risk assessment.

Nowadays, safety systems are an important feature for modern vehicles. Many accidents would have been occurred without them. In comparison with older vehicles, modern vehicles have a much better crumple zone, more airbags, a better braking system, as well as a much better and safer driving behaviour. Although, the vehicles safety systems are working well in these days, there is still space for improvement and for adding new security features. This paper describes the implementation of an Intelligent Caravan Monitoring System (ICMS) using the Controller Area Network (CAN), for the communication between the vehicle’s electronic system and the trailer’s electronic system. Furthermore, a comparison between the communication technology of this paper and a previous published paper will be made. The new system is faster, more flexible and more energy efficient.

Security in the communication systems rely mainly on a trusted Public Key Infrastructure (PKI) and Certificate Authorities (CAs). Besides the lack of automation, the complexity and the cost of assigning a signed certificate to a device, several allegations against CAs have been discovered, which has created trust issues in adopting this standard model for secure systems. The automation of the servers certificate assignment was achieved by the Automated Certificate Management Environment (ACME) method, but without confirming the trust of assigned certificate. This paper presents a complete tested and implemented solution to solve the trust of the Certificates provided to the servers by using the blockchain platform for certificate validation. The Blockchain network provides an immutable data store, holding the public keys of all domain names, while resolving the trust concerns by applying an automated Blockchain-based Domain Control Validation (B-DCV) for the server and client server verification. The evaluation was performed on the Ethereum Rinkeby testnet adopting the Proof of Authority (PoA) consensus algorithm which is an improved version of Proof of Stake (Po \$S\$) applied on Ethereum 2.0 providing superior performance compared to Ethereum 1.0.

Chaos is an interesting phenomenon for nonlinear systems that emerges due to its complex and unpredictable behavior. With the escalated use of low-powered edge-compute devices, data security at the edge develops the need for security in communication. The characteristic that Chaos synchronizes over time for two different chaotic systems with their own unique initial conditions, is the base for chaos implementation in communication. This paper proposes an encryption architecture suitable for communication of on-chip sensors to provide a POC (proof of concept) with security encrypted on the same chip using different chaotic equations. In communication, encryption is achieved with the help of microcontrollers or software implementations that use more power and have complex hardware implementation. The small IoT devices are expected to be operated on low power and constrained with size. At the same time, these devices are highly vulnerable to security threats, which elevates the need to have low power/size hardware-based security. Since the discovery of chaotic equations, they have been used in various encryption applications. The goal of this research is to take the chaotic implementation to the CMOS level with the sensors on the same chip. The hardware co-simulation is demonstrated on an FPGA board for Chua encryption/decryption architecture. The hardware utilization for Lorenz, SprottD, and Chua on FPGA is achieved with Xilinx System Generation (XSG) toolbox which reveals that Lorenz’s utilization is 9% lesser than Chua’s.

In this paper we present techniques for enhancing the security of south bound infrastructure in SDN which includes OpenFlow switches and end hosts. In particular, the proposed security techniques have three main goals: (i) validation and secure configuration of flow rules in the OpenFlow switches by trusted SDN controller in the domain; (ii) securing the flows from the end hosts; and (iii) detecting attacks on the switches by malicious entities in the SDN domain. We have implemented the proposed security techniques as an application for ONOS SDN controller. We have also validated our application by detecting various OpenFlow switch specific attacks such as malicious flow rule insertions and modifications in the switches over a mininet emulated network.

We continue to tackle the problem of poorly defined security metrics by building on and improving our previous work on designing sound security metrics. We reformulate the previous method into a set of conditions that are clearer and more widely applicable for deriving sound security metrics. We also modify and enhance some concepts that led to an unforeseen weakness in the previous method that was subsequently found by users, thereby eliminating this weakness from the conditions. We present examples showing how the conditions can be used to obtain sound security metrics. To demonstrate the conditions' versatility, we apply them to show that an aggregate security metric made up of sound security metrics is also sound. This is useful where the use of an aggregate measure may be preferred, to more easily understand the security of a system.

Archival services are one of the main functions of an information security management system for archival management, and the conversion and updating of archival intelligence services is an important means to meet the increasing diversity and wisdom of the age of intelligence. The purpose of this paper is to study an information security management system for archival management based on embedded artificial intelligence. The implementation of an embedded control management system for intelligent filing cabinets is studied. Based on a configurable embedded system security model, the access control process and the functional modules of the system based on a secure call cache are analysed. Software for wireless RF communication was designed, and two remote control options were designed using CAN technology and wireless RF technology. Tests have shown that the system is easy to use, feature-rich and reliable, and can meet the needs of different users for regular control of file room management.

Unmanned aerial vehicles (UAVs) and various network entities deployed on the ground can communicate with each other over the Internet of Drones (IoD), a network architecture designed expressly to allow communications between heterogenous entities. Drone technology has a wide range of uses, including on-demand package delivery, traffic and wild life surveillance, inspection of infrastructure and search, rescue and agriculture. However, IoD systems are vulnerable to numerous attacks, The main goal is to develop an all-encompassing security model that can be used to analyze security concerns in various UAV-based systems. With exceptional flexibility and increasing efficiency, trust management is a promising alternative to traditional detection methods. In a heterogeneous environment, it is also compatible with other security mechanisms. In this article, we present a fuzzy logic as an Insider Detection technique which calculate sensor data trust and assessing node behavior. To build confidence throughout the entire IoD, our proposal divides trust into two parts: Data trust and Node trust. This is in contrast to earlier models. Experimental results show that our solution is effective in terms of False positive ratio and Average of end-to-end delay.

Nowadays, smart cities (SCs) use technologies and different types of data collected to improve the lifestyles of their citizens. Indeed, connected smart vehicles are technologies used for an SC’s intelligent traffic monitoring systems (ITMSs). However, most proposed monitoring approaches do not consider realtime monitoring. This paper presents real-time data processing for an intelligent traffic monitoring dashboard using the Hadoop ecosystem dashboard components. Many data are available due to our proposed monitoring approach, such as the total number of vehicles on different routes and data on trucks within a radius (10KM) of a specific point given. Based on our generated data, we can make real-time decisions to improve circulation and optimize traffic flow.

Smart building security systems typically consist of sensors and controllers that monitor power operating systems, alarms, camera monitoring, access controls, and many other important information and security systems. These systems are managed and controlled through online platforms. A successful attack on one of these platforms may result in the failure of one or more critical intelligent systems in the building. In this paper, the security requirements in the application layer of any IoT system were discussed, in particular the role of IoT platforms in dealing with the security problems that smart buildings are exposed to and the extent of their strength to reduce the attacks they are exposed to, where an experimental platform was designed to test the presence of security vulnerabilities and This was done by using the Zed Attack Proxy (ZAP) tool, according to the OWASP standards and security level assessment, and the importance of this paper comes as a contribution to providing information about the most famous IoT platforms and stimulating work to explore security concerns in IoT-based platforms.

In financial markets such as stock markets, securities are traded at a price where supply equals demand. Behind the impediments to the short-selling of stock, most participants in the stock market are buyers, so trades are more probable at higher prices than in situations without such restrictions. However, the order imbalance that occurs when buy orders exceed sell orders can change due to many factors. Hence, it is insufficient to discuss the effects of order imbalance caused by impediments to short-selling on the stock price only through empirical studies. Our study used an artificial market to investigate the effects on traded price and quantity of limit orders. The simulation results revealed that the order imbalance when buy orders exceed sell orders increases the traded price and results in fewer quantities of limit sell orders than limit buy orders. In particular, when the sell/buy ratio of the order imbalance model is less than or equal to 0.9, the limit sell/buy ratio becomes lower than that. Lastly, we investigated the mechanisms of the effects on traded price and quantity of limit orders.

In this work different Meta-heuristic Techniques have been endeavored for addressing the Security Constrained Optimal Power Flow (SCOPF) and Optimal Power Flow (OPF)problem for minimizing the total fuel cost of the system. Here four meta-heuristics i.e. Genetic Algorithm (GA), Big Bang-Big Crunch Algorithm (BBBC), Shuffled Frog Leap Algorithm (SFLA) and Jaya Algorithms (JA) have been discussed. The problem was simulated on IEEE 30 bus standard test system under MATLAB environment. The simulation results show that JA outperforms GA, SFLA, and BBBC in terms of overall cost and computational time.

The emergence of smart cars has revolutionized the automotive industry. Today's vehicles are equipped with different types of electronic control units (ECUs) that enable autonomous functionalities like self-driving, self-parking, lane keeping, and collision avoidance. The ECUs are connected to each other through an in-vehicle network, named Controller Area Network. In this talk, we will present the different cyber attacks that target autonomous vehicles and explain how an intrusion detection system (IDS) using machine learning can play a role in securing the Controller Area Network. We will also discuss the main research contributions for the security of autonomous vehicles. Specifically, we will describe our IDS, named Histogram-based Intrusion Detection and Filtering framework. Next, we will talk about the machine learning explainability issue that limits the acceptability of machine learning in autonomous vehicles, and how it can be addressed using our novel intrusion detection system based on rule extraction methods from Deep Neural Networks.

Keystroke dynamics is one solution to enhance the security of password authentication without adding any disruptive handling for users. Industries are looking for more security without impacting too much user experience. Considered as a friction-less solution, keystroke dynamics is a powerful solution to increase trust during user authentication without adding charge to the user. In this paper, we address the problem of user authentication considering the keystroke dynamics modality. We proposed a new approach based on the conversion of behavioral biometrics data (time series) into a 3D image. This transformation process keeps all the characteristics of the behavioral signal. The time series do not receive any filtering operation with this transformation and the method is bijective. This transformation allows us to train images based on convolutional neural networks. We evaluate the performance of the authentication system in terms of Equal Error Rate (EER) on a significant dataset and we show the efficiency of the proposed approach on a multi-instance system.

As an emerging technology, IoT is rapidly revolutionizing the global communication network with billions of new devices deployed and connected with each other. Many of these devices collect and transfer a large amount of sensitive or mission critical data, making security a top priority. Compared to traditional Internet, IoT networks often operate in open and harsh environment, and may experience frequent delays, traffic loss and attacks; Meanwhile, IoT devices are often severally constrained in computational power, storage space, network bandwidth, and power supply, which prevent them from deploying traditional security schemes. Authentication is an important security mechanism that can be used to identify devices or users. Due to resource constrains of IoT networks, it is highly desirable for the authentication scheme to be lightweight while also being highly effective. In this paper, we developed and evaluated a hash-chain-based multi-node mutual authentication algorithm. Nodes on a network all share a common secret key and broadcast to other nodes in range. Each node may also add to the hash chain and rebroadcast, which will be used to authenticate all nodes in the network. This algorithm has a linear running time and complexity of O(n), a significant improvement from the O(nˆ2) running time and complexity of the traditional pairwise multi-node mutual authentication.

The design of efficient and secure cryptographic algorithms is a fundamental problem of cryptography. Due to the tight cost and constrained resources devices such as Radio-Frequency IDentification (RFID), wireless sensors, smart cards, health-care devices, lightweight cryptography has received a great deal of attention. Recent research mainly focused on designing optimized cryptographic algorithms which trade offs between security performance, time consuming, energy consumption and cost. In this paper, we present two chaotic stream ciphers based on chaos and we report the results of a comparative performance evaluation study. Compared to other crypto-systems of the literature, we demonstrate that our designed stream ciphers are suitable for practical secure applications of the Internet of Things (IoT) in a constrained resource environment.

In this paper, we propose a new ordered statistics decoding (OSD) for linear block codes, which is referred to as local constraint-based OSD (LC-OSD). Distinguished from the conventional OSD, which chooses the most reliable basis (MRB) for re-encoding, the LC-OSD chooses an extended MRB on which local constraints are naturally imposed. A list of candidate codewords is then generated by performing a serial list Viterbi algorithm (SLVA) over the trellis specified with the local constraints. To terminate early the SLVA for complexity reduction, we present a simple criterion which monitors the ratio of the bound on the likelihood of the unexplored candidate codewords to the sum of the hard-decision vector’s likelihood and the up-to-date optimal candidate’s likelihood. Simulation results show that the LC-OSD can have a much less number of test patterns than that of the conventional OSD but cause negligible performance loss. Comparisons with other complexity-reduced OSDs are also conducted, showing the advantages of the LC-OSD in terms of complexity.

Internet speeds and technological advancements have made individuals increasingly concerned about their personal information being compromised by criminals. There have been a slew of new steganography and data concealment methods suggested in recent years. Steganography is the art of hiding information in plain sight (text, audio, image and video). Unauthorized users now have access to steganographic analysis software, which may be used to retrieve the carrier files valuable secret information. Unfortunately, because to their inefficiency and lack of security, certain steganography techniques are readily detectable by steganalytical detectors. We present a video steganography technique based on the linear block coding concept that is safe and secure. Data is protected using a binary graphic logo but also nine uncompressed video sequences as cover data and a secret message. It's possible to enhance the security by rearranging pixels randomly in both the cover movies and the hidden message. Once the secret message has been encoded using the Hamming algorithm (7, 4) before being embedded, the message is even more secure. The XOR function will be used to add the encoded message's result to a random set of values. Once the message has been sufficiently secured, it may be inserted into the video frames of the cover. In addition, each frame's embedding region is chosen at random so that the steganography scheme's resilience can be improved. In addition, our experiments have shown that the approach has a high embedding efficiency. The video quality of stego movies is quite close to the original, with a PSNR (Pick Signal to Noise Ratio) over 51 dB. Embedding a payload of up to 90 Kbits per frame is also permissible, as long as the quality of the stego video is not noticeably degraded.

The correctness of user traffic forwarding paths is an important goal of trusted transmission. Many network security issues are related to it, i.e., denial-of-service attacks, route hijacking, etc. The current path-aware network architecture can effectively overcome this issue through path verification. At present, the main problems of path verification are high communication and high computation overhead. To this aim, this article proposes a lightweight real-time verification mechanism of intradomain forwarding paths in autonomous systems to achieve a path verification architecture with no communication overhead and low computing overhead. The problem situation is that a packet finally reaches the destination, but its forwarding path is inconsistent with the expected path. The expected path refers to the packet forwarding path determined by the interior gateway protocols. If the actual forwarding path is different from the expected one, it is regarded as an incorrect forwarding path. This article focuses on the most typical intradomain routing environment. A few routers are set as the verification routers to block the traffic with incorrect forwarding paths and raise alerts. Experiments prove that this article effectively solves the problem of path verification and the problem of high communication and computing overhead.

Detection of malware and security attacks is a complex process that can vary in its details and analysis activities. As part of the detection process, malware scanners try to categorize a malware once it is detected under one of the known malware categories (e.g. worms, spywares, viruses, etc.). However, many studies and researches indicate problems with scanners categorizing or identifying a particular malware under more than one malware category. This paper, and several others, show that machine learning can be used for malware detection especially with ensemble base prediction methods. In this paper, we evaluated several custom-built ensemble models. We focused on multi-label malware classification as individual or classical classifiers showed low accuracy in such territory.This paper showed that recent machine models such as ensemble and deep learning can be used for malware detection with better performance in comparison with classical models. This is very critical in such a dynamic and yet important detection systems where challenges such as the detection of unknown or zero-day malware will continue to exist and evolve.