Biblio

As any other infrastructure relying on cyber-physical systems (CPS), naval CPS are highly interconnected and collect considerable data streams, on which depend multiple command and navigation decisions. Being a data-driven decision system requiring optimized supervisory control on a permanent basis, it is critical to examine the CPS vulnerability to anomalies and their propagation. This paper presents an approach to detect CPS anomalies and estimate their propagation applying a quality assessed graph, which represents the CPS physical and digital subsystems, combined with system variables dependencies and a set of data and information quality measures vectors. Following the identification of variables dependencies and high-risk nodes in the CPS, data and information quality measures reveal how system variables are modified when an anomaly is detected, also indicating its propagation path. Taking as reference the normal state of a naval propulsion management system, four anomalies in the form of cyber-attacks - port scan, programmable logical controller stop, and man in the middle to change the motor speed and operation of a tank valve - were produced. Three anomalies were properly detected and their propagation path identified. These results suggest the feasibility of anomaly detection and estimation of propagation estimation in CPS, applying data and information quality analysis to a system graph.

This paper presents a computational study of Thai legal documents using text mining and network analytic approach. Thai legal systems rely much on the existing judicial rulings. Thus, legal documents contain complex relationships and require careful examination. The objective of this study is to use text mining to model relationships between these legal documents and draw useful insights. A structure of document relationship was found as a result of the study in forms of a network that is related to the meaningful relations of legal documents. This can potentially be developed further into a document retrieval system based on how documents are related in the network.

One of the most significant systems in computer network security assurance is the assessment of computer network security. With the goal of finding an effective method for performing the process of security evaluation in a computer network, this paper uses a deep neural network to be responsible for the task of security evaluating. The DNN will be built with python on Spyder IDE, it will be trained and tested by 17 network security indicators then the output that we get represents one of the security levels that have been already defined. The maj or purpose is to enhance the ability to determine the security level of a computer network accurately based on its selected security indicators. The method that we intend to use in this paper in order to evaluate network security is simple, reduces the human factors interferences, and can obtain the correct results of the evaluation rapidly. We will analyze the results to decide if this method will enhance the process of evaluating the security of the network in terms of accuracy.

Data warehouse and big data have become the trend to help organise data effectively. Business data are originating in various kinds of sources with different forms from conventional structured data to unstructured data, it is the input for producing useful information essential for business sustainability. This research will navigate through the complicated designs of the common big data and data warehousing technologies to propose an effective approach to use these technologies for designing and building an unstructured textual data warehouse, a crucial and essential tool for most enterprises nowadays for decision making and gaining business competitive advantages. In this research, we utilised the IBM BigInsights Text Analytics, PostgreSQL, and Pentaho tools, an unstructured data warehouse is implemented and worked excellently with the unstructured text from Amazon review datasets, the new proposed approach creates a practical solution for building an unstructured data warehouse.

Distant supervision is a widely used data labeling method for relation extraction. While aligning knowledge base with the corpus, distant supervision leads to a mass of wrong labels which are defined as noise. The pattern-based denoising model has achieved great progress in selecting trustable sentences (instances). However, the writing of relation-specific patterns heavily relies on expert’s knowledge and is a high labor intensity work. To solve these problems, we propose a noise reduction framework, NOIR, to iteratively select trustable sentences with a little help of a human. Under the guidance of experts, the iterative process can avoid semantic drift. Besides, NOIR can help experts discover relation-specific tokens that are hard to think of. Experimental results on three real-world datasets show the effectiveness of the proposed method compared with state-of-the-art methods.

Fully homomorphic encryption (FHE) was one of the most prominent research topics of the last ten years. And it is considered as a major cryptographic tool in a secure and reliable cloud computing environment. The reason behind that because it allows computations over encrypted data, without decrypting the original message. This paper developed a new symmetric (FHE) algorithm based on Enhanced Matrix Operation for Randomization and Encryption (EMORE) algorithm using a chaotic system. The proposed algorithm was considered a noise-free algorithm. It generates the ciphertext in a floating-point number's format, overcomes the problem of plaintext ring and modular arithmetic operation in EMORE by the hardness of a chaotic system, and provides another level of security in terms of randomness properties, sensitivity to the initial condition, and large key size (\textbackslashtextgreater2100) of a chaotic system. Besides that, the proposed algorithm provides the confidentiality and privacy of outsourced data computing through homomorphism property of it. By using both numerical and statistical tests, these tests proved that the proposed algorithm has positive randomness properties and provide secure and reliable encryption (through encryption-decryption time, key sensitivity, keyspace, and correlation). Finally, the simulation results show that the execution time of the proposed algorithm is faster about 7.85 times than the EMORE algorithm.

We propose a human-operator guided planning approach to pushing-based manipulation in clutter. Most recent approaches to manipulation in clutter employs randomized planning. The problem, however, remains a challenging one where the planning times are still in the order of tens of seconds or minutes, and the success rates are low for difficult instances of the problem. We build on these control-based randomized planning approaches, but we investigate using them in conjunction with human-operator input. In our framework, the human operator supplies a high-level plan, in the form of an ordered sequence of objects and their approximate goal positions. We present experiments in simulation and on a real robotic setup, where we compare the success rate and planning times of our human-in-the-loop approach with fully autonomous sampling-based planners. We show that with a minimal amount of human input, the low-level planner can solve the problem faster and with higher success rates.

An image forgery method called Deepfakes can cause security and privacy issues by changing the identity of a person in a photo through the replacement of his/her face with a computer-generated image or another person's face. Therefore, a new challenge of detecting Deepfakes arises to protect individuals from potential misuses. Many researchers have proposed various binary-classification based detection approaches to detect deepfakes. However, binary-classification based methods generally require a large amount of both real and fake face images for training, and it is challenging to collect sufficient fake images data in advance. Besides, when new deepfakes generation methods are introduced, little deepfakes data will be available, and the detection performance may be mediocre. To overcome these data scarcity limitations, we formulate deepfakes detection as a one-class anomaly detection problem. We propose OC-FakeDect, which uses a one-class Variational Autoencoder (VAE) to train only on real face images and detects non-real images such as deepfakes by treating them as anomalies. Our preliminary result shows that our one class-based approach can be promising when detecting Deepfakes, achieving a 97.5% accuracy on the NeuralTextures data of the well-known FaceForensics++ benchmark dataset without using any fake images for the training process.

A non-predicted and transient malfunctioning of one or multiple unmanned aerial vehicles (UAVs) is something that may happen over a course of their deployment. Therefore, it is very important to have means to detect these events and take actions for ensuring a high level of reliability, security, and safety of the flight for the predefined mission. In this research, we propose algorithms aiming at the detection and isolation of any faulty UAV so that the performance of the UAVs application is kept at its highest level. To this end, we propose the use of Kullback-Leiler Divergence (KLD) and Artificial Neural Network (ANN) to build algorithms that detect and isolate any faulty UAV. The proposed methods are declined in these two directions: (1) we compute a difference between the internal and external data, use KLD to compute dissimilarities, and detect the UAV that transmits erroneous measurements. (2) Then, we identify the faulty UAV using an ANN model to classify the sensed data using the internal sensed data. The proposed approaches are validated using a real dataset, provided by the Air Lab Failure and Anomaly (ALFA) for UAV fault detection research, and show promising performance.

An essential ingredient of the smart grid is software-based services. Increasingly, software is used to support control strategies and services that are critical to the grid's operation. Therefore, its correct operation is essential. For various reasons, software and its configuration needs to be updated. This update process represents a significant overhead for smart grid operators and failures can result in financial losses and grid instabilities. In this paper, we present a framework for determining the root causes of software rollout failures in the smart grid. It uses distributed sensors that indicate potential issues, such as anomalous grid states and cyber-attacks, and a causal inference engine based on a formalism called evidential networks. The aim of the framework is to support an adaptive approach to software rollouts, ensuring that a campaign completes in a timely and secure manner. The framework is evaluated for a software rollout use-case in a low voltage distribution grid. Experimental results indicate it can successfully discriminate between different root causes of failure, supporting an adaptive rollout strategy.

An open source and low-cost Supervisory Control and Data Acquisition System based on Node-RED and Arduino microcontrollers is presented in this paper. The system is designed for monitoring, supervision, and remotely controlling motors and sensors deployed for oil and gas facilities. The Internet of Things (IoT) based SCADA system consists of a host computer on which a server is deployed using the Node-RED programming tool and two terminal units connected to it: Arduino Uno and Arduino Mega. The Arduino Uno collects and communicates the data acquired from the temperature, flowrate, and water level sensors to the Node-Red on the computer through the serial port. It also uses a local liquid crystal display (LCD) to display the temperature. Node-RED on the computer retrieves the data from the voltage, current, rotary, accelerometer, and distance sensors through the Arduino Mega. Also, a web-based graphical user interface (GUI) is created using Node-RED and hosted on the local server for parsing the collected data. Finally, an HTTP basic access authentication is implemented using Nginx to control the clients' access from the Internet to the local server and to enhance its security and reliability.

With the remarkable growth of the Internet and communication technologies over the past few decades, Internet of Things (IoTs) is enabling the ubiquitous connectivity of heterogeneous physical devices with software, sensors, and actuators. IoT networks are naturally two layers with the cloud and cellular networks coexisting with the underlaid device-to-device communications. The connectivity of IoTs plays an important role in information dissemination for mission-critical and civilian applications. However, IoT communication networks are vulnerable to cyber attacks including the denial-of-service and jamming attacks, resulting in link removals in the IoT network. In this paper, we develop a heterogeneous IoT network design framework in which a network designer can add links to provide additional communication paths between two nodes or secure links against attacks by investing resources. By anticipating the strategic cyber attacks, we characterize the optimal design of the secure IoT network by first providing a lower bound on the number of links a secure network requires for a given budget of protected links, and then developing a method to construct networks that satisfy the heterogeneous network design specifications. Therefore, each layer of the designed heterogeneous IoT network is resistant to a predefined level of malicious attacks with minimum resources. Finally, we provide case studies on the Internet of Battlefield Things to corroborate and illustrate our obtained results.

The special feature of the thing-user centric communication is that thing-users can form a society autonomously and collaborate to solve problems. To share experiences and knowledge, thing-users form, join, and leave communities. The thing-user, who needs a help from other thing-users to accomplish a mission, searches thing-user communities and nominates thing-users of the discovered communities to organize a collaborative work group. Thing-user community should perform autonomously the social construction process and need principles and procedures for the community formation and collaboration within the thing-user communities. This paper defines thing-user communities and proposes an organizational structure for the thing-user community formation.

In an era of technological revolution in which everything becomes smarter and connected, the blockchain can introduce a new model for energy transactions able to grant more simplicity, security and transparency for end-users. The blockchain technology is characterized by a distributed architecture without a trusted and centralized authority, and, therefore, it appears as the perfect solutions for managing exchanges between peers. In this paper, a market algorithm that can be easily transferred to a smart contract for maximizing the match between produced and consumed energy in a micro-grid is presented. The algorithm supports energy transactions between peers (both producers and consumers) and could be one of the main executables implemented using a blockchain platform. The case study presented in this paper shows how the end-users through the blockchain could select among the possible energy transactions those more suitable to offer specific ancillary services to the grid operator without involving the grid operator itself or a third-party aggregator.

Tunnel approach to the security and privacy aspects of communication networks has been an issue since the inception of networking technologies. Neither the technology nor the regulatory and legal frame works proactively play a significant role towards addressing the ever escalating security challenges. As we have move to ubiquitous computing paradigm where information secrecy and privacy is coupled with new challenges of human to machine and machine to machine interfaces, a transformational model for security should be visited. This research is attempted to highlight the peripheral view of IoT based miniature device security paradigm with focus on standardization, regulations, user adaptation, software and applications, low computing resources and power consumption, human to machine interface and privacy.

Existing consumer devices represent the most pervasive computational platform available, but their inherently decentralized nature poses significant challenges for distributed computing adoption. In particular, device owners must willingly cooperate in collective deployments even while others may intentionally work to maliciously disrupt that cooperation. Public, cooperative systems benefit from low barriers to entry improving scalability and adoption, but simultaneously increase risk exposure to adversarial threats via promiscuous participant adoption. In this work, I aim to facilitate widespread adoption of cooperative systems by discussing the unique security and operational challenges of these systems, and highlighting several novel approaches that mitigate these disadvantages.

To protect data in cloud servers, fully homomorphic encryption (FHE) is an effective solution. In addition to encrypting data, FHE allows a third party to evaluate arithmetic circuits (i.e., computations) over encrypted data without decrypting it, guaranteeing protection even during the calculation. However, FHE supports only addition and multiplication. Functions that cannot be directly represented by additions or multiplications cannot be evaluated with FHE. A naïve implementation of such arithmetic operations with FHE is a bit-wise operation that encrypts numerical data as a binary string. This incurs huge computation time and storage costs, however. To overcome this limitation, we propose an efficient protocol to evaluate multi-input functions with FHE using a lookup table. We extend our previous work, which evaluates a single-integer input function, such as f(x). Our extended protocol can handle multi-input functions, such as f(x,y). Thus, we propose a new method of constructing lookup tables that can evaluate multi-input functions to handle general functions. We adopt integer encoding rather than bit-wise encoding to speed up the evaluations. By adopting both permutation operations and a private information retrieval scheme, we guarantee that no information from the underlying plaintext is leaked between two parties: a cloud computation server and a decryptor. Our experimental results show that the runtime of our protocol for a two-input function is approximately 13 minutes, when there are 8,192 input elements in the lookup table. By adopting a multi-threading technique, the runtime can be further reduced to approximately three minutes with eight threads. Our work is more practical than a previously proposed bit-wise implementation, which requires 60 minutes to evaluate a single-input function.

In recent days the attention of the researchers has been grabbed by the advent of fog computing which is found to be a conservatory of cloud computing. The fog computing is found to be more advantageous and it solves mighty issues of the cloud namely higher delay and also no proper mobility awareness and location related awareness are found in the cloud environment. The IoT devices are connected to the fog nodes which support the cloud services to accumulate and process a component of data. The presence of Fog nodes not only reduces the demands of processing data, but it had improved the quality of service in real time scenarios. Nevertheless the fog node endures from challenges of false data injection, privacy violation in IoT devices and violating integrity of data. This paper is going to address the key issues related to homomorphic encryption algorithms which is used by various researchers for providing data integrity and authenticity of the devices with their merits and demerits.

Software Defined Networking (SDN) focus on the isolation of control plane and data plane, greatly enhancing the network's support for heterogeneity and flexibility. However, although the programmable network greatly improves the performance of all aspects of the network, flexible load balancing across controllers still challenges the current SDN architecture. Complex application scenarios lead to flexible and changeable communication requirements, making it difficult to guarantee the Quality of Service (QoS) for SDN users. To address this issue, this paper proposes a paradigm that uses blockchain to incentive safe load balancing for multiple controllers. We proposed a controller consortium blockchain for secure and efficient load balancing of multi-controllers, which includes a new cryptographic currency balance coin and a novel consensus mechanism Proof-of-Balance (PoB). In addition, we have designed a novel game theory-based incentive mechanism to incentive controllers with tight communication resources to offload tasks to idle controllers. The security analysis and performance simulation results indicate the superiority and effectiveness of the proposed scheme.

A cyber-physical system (CPS) is a term that implements mainly three parts, Physical elements, communication networks, and control systems. Currently, CPS includes the Internet of Things (IoT), Internet of Vehicles (IoV), and many other systems. These systems face many security challenges and different types of attacks, such as Jamming, DDoS.CPS attacks tend to be much smarter and more dynamic; thus, it needs defending strategies that can handle this level of intelligence and dynamicity. Last few years, many researchers use machine learning as a base solution to many CPS security issues. This paper provides a survey of the recent works that utilized the Q-Learning algorithm in terms of security enabling and privacy-preserving. Different adoption of Q-Learning for security and defending strategies are studied. The state-of-the-art of Q-learning and CPS systems are classified and analyzed according to their attacks, domain, supported techniques, and details of the Q-Learning algorithm. Finally, this work highlight The future research trends toward efficient utilization of Q-learning and deep Q-learning on CPS security.

Blockchain become a suitable platform for peer to peer energy trade as it facilitates secure interactions among parties with trust or a mutual trusted 3rd party. However, the scalability issue of blockchains is a problem for real-time energy trade to be completed within a small time duration. In this paper, we use offline channels for blockchains to circumvent scalability problems of blockchains for peer to peer energy trade with small trade duration. We develop algorithms to find stable coalitions for energy trade using blockchain offline channels. We prove that our solution is secure against adversarial prosumer behaviors, it supports real-time trade as the algorithm is guaranteed to find and record stable coalitions before a fixed time, and the coalition structure generated by the algorithm is efficient.

The advanced complex electronic systems increasingly demand safer and more secure hardware parts. Correspondingly, fault injection became a major verification milestone for both safety- and security-critical applications. However, fault injection campaigns for gate-level designs suffer from huge execution times. Therefore, designers need to apply early design evaluation techniques to reduce the execution time of fault injection campaigns. In this work, we propose a method to represent gate-level Single-Event Transient (SET) faults by multiple Single-Event Upset (SEU) faults at the Register-Transfer Level. Introduced approach is to identify true and false logic paths for each SET in the flip-flops' fan-in logic cones to obtain more accurate sets of flip-flops for multiple SEUs injections at RTL. Experimental results demonstrate the feasibility of the proposed method to successfully reduce the fault space and also its advantage with respect to state of the art. It was shown that the approach is able to reduce the fault space, and therefore the fault-injection effort, by up to tens to hundreds of times.

With the continuous popularization of smart terminals, Android and IOS systems are the most mainstream mobile operating systems in the market, and their application types and application numbers are constantly increasing. As an open system, the security issues of Android application emerge in endlessly, such as the reverse decompilation of installation package, malicious code injection, application piracy, interface hijacking, SMS hijacking and input monitoring. These security issues will also appear on mobile applications in the power industry, which will not only result in the embezzlement of applied knowledge copyrights but also lead to serious leakage of users' information and even economic losses. It may even result in the remote malicious control of key facilities, which will cause serious social issues. Under the background of the development of smart grid information construction, also with the application and promotion of power services in mobile terminals, information security protection for mobile terminal applications and interactions with the internal system of the power grid has also become an important research direction. While analyzing the risks faced by mobile applications, this article also enumerates and analyzes the necessary measures for risk resolution.

The chapter presents a review of proactive Moving Target Defense (MTD) paradigm and investigates the feasibility and potential of specific MTD approaches for the resource‐constrained Internet of Things (IoT) applications. The aim is not only to provide taxonomy of various MTD approaches but also to advocate MTD techniques in the dynamic network domain in conjunction with the emerging Software Defined Networking (SDN) for more effective proactive IoT defense. The Internet of Battlefield Things (IoBT) and Industrial IoT (IIoT), which subject to more attacks, are identified as two critical IoT domains that can reap from the SDN‐based MTD approaches. Finally, the chapter also discusses potential future research challenges of the MTD approaches in the IoT domain.

The paper proposes a method for image content recovery based on digital watermarking. Existing image watermarking systems detect the tampering and can identify the exact positions of tampered regions, but only a few systems can recover the original image content. In this paper, we suggest a method for recovering the regions of interest (ROIs). It embeds the semi-fragile watermark resistant to JPEG compression (for the quality parameter values greater than or equal to the predefined threshold) and such local tamperings as splicing, copy-move, and retouching, whereas is destroyed by any other image modifications. In the experimental part, the performance of the method is shown on the road traffic JPEG images where the ROIs correspond to car license plates. The method is proven to be an efficient tool for recovering the original ROIs and can be integrated into any JPEG semi-fragile watermarking system.