Biblio

{With the rapid development of cyberspace, cyber security incidents are increasing, and the means and types of network attacks are becoming more and more complex and refined, which brings greater challenges to security risk control. First, the knowledge graph technology is used to construct a cyber security knowledge graph based on ontology to realize multi-source heterogeneous security big data fusion calculation, and accurately express the complex correlation between different security entities. Furthermore, for cyber security risk control, a key node assessment method for security risk diffusion is proposed. From the perspectives of node communication correlation and topological level, the calculation method of node communication importance based on improved PageRank Algorithm and based on the improved K-shell Algorithm calculates the importance of node topology are studied, and then organically combine the two calculation methods to calculate the importance of different nodes in security risk defense. Experiments show that this method can evaluate the importance of nodes more accurately than the PageRank algorithm and the K-shell algorithm.

Internet of Battlefield Things (IoBTs) are well positioned to take advantage of recent technology trends that have led to the development of low-power neural accelerators and low-cost high-performance sensors. However, a key challenge that needs to be dealt with is that despite all the advancements, edge devices remain resource-constrained, thus prohibiting complex deep neural networks from deploying and deriving actionable insights from various sensors. Furthermore, deploying sophisticated sensors in a distributed manner to improve decision-making also poses an extra challenge of coordinating and exchanging data between the nodes and server. We propose an architecture that abstracts away these thorny deployment considerations from an end-user (such as a commander or warfighter). Our architecture can automatically compile and deploy the inference model into a set of distributed nodes and server while taking into consideration of the resource availability, variation, and uncertainties.

As modern vehicles are complex IoT devices with intelligence capable to connect to an external infrastructure and use Vehicle-to-Everything (V2X) communication, there is a need to secure the communication to avoid being a target for cyber-attacks. Also, the organs of the car (sensors, communication, and control) each could have a vulnerability, that leads to accidents or potential deaths. Manufactures of cars have a huge responsibility to secure the safety of their costumers and should not skip the important security research, instead making sure to implement important security measures, which makes your car less likely to be attacked. This paper covers the relevant attacks and threats to modern vehicles and presents a security analysis with potential countermeasures. We discuss the future of modern and autonomous vehicles and conclude that more countermeasures must be taken to create a future and safe concept.

This paper proposes a configurable architecture of butterfly unit (BU) supporting number theoretic transform (NTT) and inverse NTT (INTT) accelerators in the ring learning with error based homomorphic encryption. The proposed architecture is fully pipelined and carefully optimized the critical path delay. To compare with related works, several BU designs of different bit-size specific primes are synthesized and successfully placed-and-routed on the Xilinx Zynq UltraScale+ ZCU102 FPGA platform. Implementation results show that the proposed BU designs achieve 3× acceleration with more efficient resource utilization compared with previous works. Thus, the proposed BU architecture is worthwhile to develop NTTINTT accelerators in advanced homomorphic encryption systems.

Fake news, frequently making use of tampered photos, has currently emerged as a global epidemic, mainly due to the widespread use of social media as a present alternative to traditional news outlets. This development is often due to the swiftly declining price of advanced cameras and phones, which prompts the simple making of computerized pictures. The accessibility and usability of picture-altering softwares make picture-altering or controlling processes significantly simple, regardless of whether it is for the blameless or malicious plan. Various investigations have been utilized around to distinguish this sort of controlled media to deal with this issue. This paper proposes an efficient technique of copy-move forgery detection using the deep learning method. Two deep learning models such as Buster Net and VGG with FPN are used here to detect copy move forgery in digital images. The two models' performance is evaluated using the CoMoFoD dataset. The experimental result shows that VGG with FPN outperforms the Buster Net model for detecting forgery in images with an accuracy of 99.8% whereas the accuracy for the Buster Net model is 96.9%.

The article proposes a general approach to the implementation of encryption schemes based on the group of automorphisms of the Hermitian functional field. The three-parameter group is used with logarithmic captions outside the center of the group. This time we applied for an encryption scheme based on a Hermitian function field with homomorphic encryption. The use of homomorphic encryption is an advantage of this implementation. The complexity of the attack and the size of the encrypted message depends on the strength of the group.

Recently, DDoS attack has developed rapidly and become one of the most important threats to the Internet. Traditional machine learning and deep learning methods can-not train a satisfactory model based on the data of a single client. Moreover, in the real scenes, there are a large number of devices used for traffic collection, these devices often do not want to share data between each other depending on the research and analysis value of the attack traffic, which limits the accuracy of the model. Therefore, to solve these problems, we design a DDoS attack detection model based on federated learning named FLDDoS, so that the local model can learn the data of each client without sharing the data. In addition, considering that the distribution of attack detection datasets is extremely imbalanced and the proportion of attack samples is very small, we propose a hierarchical aggregation algorithm based on K-Means and a data resampling method based on SMOTEENN. The result shows that our model improves the accuracy by 4% compared with the traditional method, and reduces the number of communication rounds by 40%.

Information security has become a crucial issue not only from the technical standpoint, but also from the managerial standpoint. The necessity for organizations to understand and manage cyber risk has led to the rise of a plethora of risk assessment methods and tools. These approaches are often difficult to interpret and complex to manage for organizations. In this paper, we propose a simple and quantitative method for the estimation of the likelihood of occurrence of a cyber incident. Our approach uses a generalized logistic function and a cumulative geometric distribution to combine the maturity and the complexity of the technical infrastructure of an organization with its attractiveness towards cyber criminals.

Considered is a network of parallel wireless channels in which individual parties are engaged in secret communication under the protection of cooperative jamming. A strategic eavesdropper selects the most vulnerable channels to attack. Existing works usually suggest the defender allocate limited cooperative jamming power to various channels. However, it usually requires some strong assumptions and complex computation to find such an optimal power control policy. This paper proposes a probabilistic cooperative jamming scheme such that the defender focuses on protecting randomly selected channels. Two different cases regarding each channel’s eavesdropping capacity are discussed. The first case studies the general scenario where each channel has different eavesdropping capacity. The second case analyzes an extreme scenario where all channels have the same eavesdropping capacity. Two non-zero-sum Nash games model the competition between the network defender and an eavesdropper in each case. Furthermore, considering the case that the defender does not know the eavesdropper’s channel state information (CSI) leads to a Bayesian game. For all three games, we derive conditions for the existence of a unique Nash equilibrium (NE), and obtain the equilibria and the value functions in closed form.

In the Bitcoin mining network, miners contribute computation power to solve crypto-puzzles in exchange for financial rewards. Due to the randomness and the competitiveness of mining, individual miners tend to join mining pools for low risks and steady incomes. Usually, a pool is managed by its central operator, who charges fees for providing risk-sharing services. This paper presents a hierarchical distributed computation paradigm where miners can distribute their power among multiple pools. By adding virtual pools, we separate miners’ dual roles of being the operator as well as being the member when solo mining. We formulate a multi-leader multi-follower Stackelberg game to study the joint utility maximization of pool operators and miners, thereby addressing a computation power allocation problem. We investigate two practical pool operation modes, a uniform-share-difficulty mode and a nonuniform-share-difficulty mode. We derive analytical results for the Stackelberg equilibrium of the game under both modes, based on which optimal strategies are designed for all operators and miners. Numerical evaluations are presented to verify the proposed model.

While a huge number of IoT devices are connecting to the cyber physical systems, the demand for security of these devices are increasing. Due to the demand, world-wide competition for lightweight cryptography oriented towards small devices have been held. Although tamper resistance against illegal attacks were evaluated in the competition, there is no evaluation for embedded malicious circuits such as hardware Trojan.To achieve security evaluation for embedded malicious circuits, this study proposes an implementation method of hardware Trojan for Elephant which is one of the finalists in the competition. And also, the implementation overhead of hardware Trojans and the security risk of hardware Trojan are evaluated.

A grouping-proof protocol aims to generate an evidence that two or more RFID (Radio Frequency Identification) tags in a group are coexistent, which has been widely deployed in practical scenarios, such as healthcare, supply-chain management, and so on. However, existing grouping-proof protocols have many issues in security and efficiency, either incompatible with EPCglobal Class-1 Generation-2 (C1G2) standard, or vulnerable to different attacks. In this paper, we propose a lightweight grouping-proof protocol which only utilizes bitwise operations (AND, XOR) and 128-bit pseudorandom number generator (PRNG). 2-round interactions between the reader and the tags allow them to cooperate on fast authentication in parallel mode where the reader broadcasts its round messages rather than hang on for the prior tag and then fabricate apposite output for the next tag consecutively. Our design enables the reader to aggregate the first round proofs (to bind the membership of tags in the same group) generated by the tags to an authenticator of constant size (independent of the number of tags) that can then be used by the tags to generate the second round proofs (and that will be validated by the verifier). Formal security (i.e., PPT adversary cannot counterfeit valid grouping-proof that can be accepted by any verifier) of the proposed protocol relies on the hardness of the learning parity with noise (LPN) problem, which can resist against quantum computing attacks. Other appealing features (e.g., robustness, anonymity, etc.) are also inspected. Performance evaluation shows its applicability to C1G2 RFID.

Deepfake detection techniques have been widely studied to resolve security issues. However, existing techniques mainly focused on RGB channel-based analysis, which still shows incomplete detection accuracy. In this paper, we validate the performance of Gray channel-based deepfake detection. To compare RGB channel-based analysis and Gray channel-based analysis in deepfake detection, we quantitatively measured the performance by using popular CNN models, deepfake datasets, and evaluation indicators. Our experimental results confirm that Gray channel-based deepfake detection outperforms RGB channel-based deepfake detection in terms of accuracy and analysis time.

Human-machine teaming (HMT) operates in a context defined by the mission. Varying from the complexity and disturbance in the cooperation between humans and machines, a single machine has difficulty handling work with humans in the scales of efficiency and workload. Swarm of machines provides a more feasible solution in such a mission. Human-swarm teaming (HST) extends the concept of HMT in the mission, such as persistent surveillance, search-and-rescue, warfare. Bringing the concept of HST faces several scientific challenges. For example, the strategies of allocation on the high-level decision making. Here, human usually plays the supervisory or decision making role. Performance of such fixed structure of HST in actual mission operation could be affected by the supervisor’s status from many aspects, which could be considered in three general parts: workload, situational awareness, and trust towards the robot swarm teammate and mission performance. Besides, the complexity of a single human operator in accessing multiple machine agents increases the work burdens. An interface between swarm teammates and human operators to simplify the interaction process is desired in the HST.In this paper, instead of purely considering the workload of human teammates, we propose the computational model of human swarm interaction (HSI) in the simulated map surveillance mission. UAV swarm and human supervisor are both assigned in searching a predefined area of interest (AOI). The workload allocation of map monitoring is adjusted based on the status of the human worker and swarm teammate. Workload, situation awareness ability, trust are formulated as independent models, which affect each other. A communication-aware UAV swarm persistent surveillance algorithm is assigned in the swarm autonomy portion. With the different surveillance task loads, the swarm agent’s thrust parameter adjusts the autonomy level to fit the human operator’s needs. Reinforcement learning is applied in seeking the relative balance of workload in both human and swarm sides. Metrics such as mission accomplishment rate, human supervisor performance, mission performance of UAV swarm are evaluated in the end. The simulation results show that the algorithm could learn the human-machine trust interaction to seek the workload balance to reach better mission execution performance. This work inspires us to leverage a more comprehensive HST model in more practical HMT application scenarios.

Data security and privacy have become an important problem while big data systems are growing dramatically fast in various application fields. Paillier additive homomorphic cryptosystem is widely used in information security fields such as big data security, communication security, cloud computing security, and artificial intelligence security. However, how to improve its computational performance is one of the most critical problems in practice. In this paper, we propose two modifications to improve the performance of the Paillier cryptosystem. Firstly, we introduce a key generation method to generate the private key with low Hamming weight, and this can be used to accelerate the decryption computation of the Paillier cryptosystem. Secondly, we propose an acceleration method based on Hensel lifting in the Paillier cryptosystem. This method can obtain a faster and improved decryption process by showing the mathematical analysis of the decryption algorithm.

In this paper, a multiple switches open-fault diagnostic method using ANNs (Artificial Neural Networks) for three-phase PWM (Pulse Width Modulation) converters is proposed. When an open-fault occurs on switches in the converter, the stator currents can include dc and harmonic components. Since these abnormal currents cannot be easily cut off by protection circuits, secondary faults can occur in peripherals. Therefore, a method of diagnosing the open-fault is required. For open-faults for single switch and double switches, there are 21 types of fault modes depending on faulty switches. In this paper, these fault modes are localized by using the dc component and THD (Total Harmonics Distortion) in fault currents. For obtaining the dc component and THD in the currents, an ADALINE (Adaptive Linear Neuron) is used. For localizing fault modes, two ANNs are used in series; the 21 fault modes are categorized into six sectors by the first ANN of using the dc components, and then the second ANN localizes fault modes by using both the dc and THDs of the d-q axes current in each sector. Simulations and experiments confirm the validity of the proposed method.

With the increase of the number of network threats, the knowledge graph is an effective method to quickly analyze the network threats from the mass of network security texts. Named entity recognition in network security domain is an important task to construct knowledge graph. Aiming at the problem that key Chinese entity information in network security related text is difficult to identify, a named entity recognition model in network security domain based on BERT-BiLSTM-CRF is proposed to identify key named entities in network security related text. This model adopts the BERT pre-training model to obtain the word vectors of the preceding and subsequent text information, and the obtained word vectors will be input to the subsequent BiLSTM module and CRF module for encoding and sorting. The test results show that this model has a good effect on the data set of network security domain. The recognition effect of this model is better than that of LSTM-CRF, BERT-LSTM-CRF, BERT-CRF and other models, and the F1=93.81%.

With the rapid development of communication net-work, the types and quantities of network traffic data have in-creased substantially. What followed was the frequent occurrence of versatile cyber attacks. As an important part of network security, the network-based intrusion detection system (NIDS) can monitor and protect the network equippments and terminals in real time. The traditional detection methods based on deep learning (DL) are always in supervised manners in NIDS, which can automatically build end-to-end detection model without man-ual feature extraction and selection by domain experts. However, supervised learning methods require large-scale labeled data, yet capturing large labeled datasets is a very cubersome, tedious and time-consuming manual task. Instead, unsupervised learning is an effective way to overcome this problem. Nonetheless, the ex-isting unsupervised methods are prone to low detection efficiency and are difficult to train. In this paper we propose a novel NIDS method called PGAN based on generative adversarial network (GAN) to detect the abnormal traffic from the perspective of Anomaly Detection, which leverage the competitive speciality of adversarial training to learn the normal traffic. Based on the public dataset CICIDS2017, three experimental results show that PGAN can significantly outperform other unsupervised methods like stacked autoencoder (SAE) and isolation forest (IF).

Distributed Container-based cloud system has the advantages of rapid deployment, efficient virtualization, simplified configuration, and well-scalability. However, good scalability may slow down container-based cloud because it is more vulnerable to gray faults. As a new fault model similar with fail-slow and limping, gray fault has so many root causes that current studies focus only on a certain type of fault are not sufficient. And unlike traditional cloud, container is a black box provided by service providers, making it difficult for traditional API intrusion-based diagnosis methods to implement. A better approach should shield low-level causes from high-level processing. A Gray Fault Prediction Strategy based on Context Graph is proposed according to the correlation between gray faults and application scenarios. From historical data, the performance metrics related to how above context evolve to fault scenarios are established, and scenarios represented by corresponding data are stored in a graph. A scenario will be predicted as a fault scenario, if its isomorphic scenario is found in the graph. The experimental results show that the success rate of prediction is stable at more than 90%, and it is verified the overhead is optimized well.

With the advancement of network physical social system (npss), a large amount of data privacy has become the targets of hacker attacks. Due to the complex and changeable attack methods of hackers, network security threats are becoming increasingly severe. As an important type of active defense, honeypots use the npss as a carrier to ensure the security of npss. However, traditional honeynet structures are relatively fixed, and it is difficult to trap hackers in a targeted manner. To bridge this gap, this paper proposes a recommendation method for LSTM prediction trap components based on attention mechanism. Its characteristic lies in the ability to predict hackers' attack interest, which increases the active trapping ability of honeynets. The experimental results show that the proposed prediction method can quickly and effectively predict the attacking behavior of hackers and promptly provide the trapping components that hackers are interested in.

In order to meet the requirements of secure start-up of embedded devices, this paper designs a secure and trusted circuit to realize the secure and trusted start-up of the system. This paper analyzes the principle and method of the circuit design, and verifies the preset information of the embedded device before the start of the embedded device, so as to ensure that the start process of the embedded device is carried out according to the predetermined way, and then uses the security module to measure the integrity of the data in the start process, so as to realize a trusted embedded system. The experimental results show that the security module has stronger security features and low latency. The integrity measurement is implemented in the trusted embedded system to realize the safe startup of embedded devices.

Payment systems are a critical component of everyday life in our society. While in many situations payments are still slow, opaque, siloed, expensive or even fail, users expect them to be fast, transparent, cheap, reliable and global. Recent technologies such as distributed ledgers create opportunities for near-real-time, cheaper and more transparent payments. However, in order to achieve a global payment system, payments should be possible not only within one ledger, but also across different ledgers and geographies.In this paper we propose Secure Payments with Overlay Networks (SPON), a service that enables global payments across multiple ledgers by combining the transaction exchange provided by the Interledger protocol with an intrusion-tolerant overlay of relay nodes to achieve (1) improved payment latency, (2) fault-tolerance to benign failures such as node failures and network partitions, and (3) resilience to BGP hijacking attacks. We discuss the design goals and present an implementation based on the Interledger protocol and Spines overlay network. We analyze the resilience of SPON and demonstrate through experimental evaluation that it is able to improve payment latency, recover from path outages, withstand network partition attacks, and disseminate payments fairly across multiple ledgers. We also show how SPON can be deployed to make the communication between different ledgers resilient to BGP hijacking attacks.

As the number of Internet of things devices increases, there is a growing importance of securely managing and storing the secret and private keys in these devices. Public-key cryptosystems or symmetric encryption algorithms both use special keys that need to be kept secret from other peers in the network. Additionally, ensuring the integrity of the installed application firmware of these devices is another security problem. In this study, private key storage methods are explained in general. Also, ESP32-S2 device is used for experimental case study for its robust built-in trusted platform module. Secure boot and flash encryption functionalities of ESP32-S2 device, which offers a solution to these security problems, are explained and tested in detail.

Rescue robots are expected to soon become commonplace at disaster sites, where they are increasingly being deployed to provide rescuers with improved access and intervention capabilities while mitigating risks. The presence of robots in operation areas, however, is likely to carry a layer of additional ethical complexity to situations that are already ethically challenging. In addition, limited guidance is available for ethically informed, practical decision-making in real-life disaster settings, and specific ethics training programs are lacking. The contribution of this paper is thus to propose a tool aimed at supporting ethics training for rescuers operating with rescue robots. To this end, we have designed an interactive text-based simulation. The simulation was developed in Python, using Tkinter, Python's de-facto standard GUI. It is designed in accordance with the Case-Based Learning approach, a widely used instructional method that has been found to work well for ethics training. The simulation revolves around a case grounded in ethical themes we identified in previous work on ethical issues in rescue robotics: fairness and discrimination, false or excessive expectations, labor replacement, safety, and trust. Here we present the design of the simulation and the results of usability testing.

Secure multi-party computation(SMPC) is an important research field in cryptography, secure multi-party computation has a wide range of applications in practice. Accordingly, information security issues have arisen. Aiming at security issues in Secure multi-party computation, we consider that semi-honest participants have malicious operations such as collusion in the process of information interaction, gaining an information advantage over honest parties through collusion which leads to deviations in the security of the protocol. To solve this problem, we combine information entropy to propose an n-round information exchange protocol, in which each participant broadcasts a relevant information value in each round without revealing additional information. Through the change of the uncertainty of the correct result value in each round of interactive information, each participant cannot determine the correct result value before the end of the protocol. Security analysis shows that our protocol guarantees the security of the output obtained by the participants after the completion of the protocol.