Biblio

The code length and rate of length-compatible polar codes can be adaptively adjusted and changed because of the special coding structure. In this paper, we propose a method to construct length-compatible polar codes by employing physical layer encryption technology. The deletion way of frozen bits and generator matrix are random, which makes polar codes more flexible and safe. Simulation analysis shows that the proposed algorithm can not only effectively improve the performance of length-compatible polar codes but also realize the physical layer security encryption of the system.

Through the widespread use of information technologies, institutions have started to offer most of their services electronically. The best example of this is e-government. Since institutions provide their services to the electronic environment, the quality of the services they provide increases and their access to services becomes easier. Since personal information can be verified with inter-agency information sharing systems, wrong or unfair transactions can be prevented. Since information sharing between institutions is generally done through web services, protection of personal data transmitted via web services is of great importance. There are comprehensive national and international regulations on the protection of personal data. According to these regulations, protection of personal data shared between institutions is a legal obligation; protection of personal data is an issue that needs to be handled comprehensively. This study, protection of personal data shared between institutions through web services against software developers is discussed. With a proposed application, it is aimed to take a new security measure for the protection of personal data. The proposed application consists of a web interface prepared using React and Java programming languages and rest services that provide anonymization of personal data.

In the past air-gapped systems that are isolated from networks have been considered to be very secure. Yet there have been reports of such systems being breached. These breaches have shown to use unconventional means for communication also known as covert channels such as Acoustic, Electromagnetic, Magnetic, Electric, Optical, and Thermal to transfer data. In this paper, a review of various attack methods that can compromise an air-gapped system is presented along with a summary of how efficient and dangerous a particular method could be. The capabilities of each covert channel are listed to better understand the threat it poses and also some countermeasures to safeguard against such attack methods are mentioned. These attack methods have already been proven to work and awareness of such covert channels for data exfiltration is crucial in various industries.

Random numbers have a wide usage in the area of cryptography. In practice, pseudo random number generators are used in place of true random number generators, as regeneration of them may be required. Therefore because of generation methods of pseudo random number sequences, statistical randomness tests have a vital importance. In this paper, a randomness test suite is specified for long binary sequences. In literature, there are many randomness tests and test suites. However, in most of them, to apply randomness test, long sequences are partitioned into a certain fixed length and the collection of short sequences obtained is evaluated instead. In this paper, instead of partitioning a long sequence into fixed length subsequences, a concept of dynamic partitioning is introduced in accordance with the random variable in consideration. Then statistical methods are applied. The suggested suite, containing four statistical tests: Collision Tests, Weight Test, Linear Complexity Test and Index Coincidence Test, all of them work with the idea of dynamic partitioning. Besides the adaptation of this approach to randomness tests, the index coincidence test is another contribution of this work. The distribution function and the application of all tests are given in the paper.

The concept behind the Internet of Things (IoT) is taking everything and connecting to the internet so that all devices would be able to send and receive data online. Internet of Vehicles (IoV) is a key component of smart city which is an outcome of IoT. Nowadays the concept of IoT has plaid an important role in our daily life in different sectors like healthcare, agriculture, smart home, wearable, green computing, smart city applications, etc. The emerging IoV is facing a lack of rigor in data processing, limitation of anonymity, privacy, scalability, security challenges. Due to vulnerability IoV devices must face malicious hackers. Nowadays with the help of blockchain (BC) technology energy system become more intelligent, eco-friendly, transparent, energy efficient. This paper highlights two major challenges i.e. scalability and security issues. The flavor of edge computing (EC) considered here to deal with the scalability issue. A BC is a public, shared database that records transactions between two parties that confirms owners through cryptography. After a transaction is validated and cryptographically verified generates “block” on the BC and transactions are ordered chronologically and cannot be altered. Implementing BC and smart contracts technologies will bring security features for IoV. It plays a role to implement the rules and policies to govern the IoV information and transactions and keep them into the BC to secure the data and for future uses.

User identity and personal information remain to be hot targets for attackers. From recent surveys, we can categorize that 65.5% of all cyberattacks in 2018 target user information. Sadly, most of the time, the system's security depends on how secure it is the implementation from the provider-side. One defense technique that the user can take part in is applying a two-factor authentication (2FA) system for their account. However, we observe that state-of-the-art 2FAs have several weaknesses and limitations. In this paper, we propose TwoChain, a blockchain-based 2FA system for web services to overcome those issues. Our implementation facilitates an alternative 2FA system that is more secure, disposable, and decentralized. Finally, we release TwoChain for public use.

The dependency of the smart grid is higher in terms of Wireless Sensors (WS) for flexible monitoring and control. Sensor nodes are required to sense, collect and process the real-time data and transfer it to the monitoring stations. Mostly, it is deployed in extremely rural areas where human access is limited making it vulnerable to cyber intrusion. In this paper, an easy, efficient and low memory usage program is proposed to detect False Data Injection Cyber Attack (FDICA) in very little time to protect the smart grid network. Each bus of the IEEE test system is represented by a connected graph node having a weight equal to 1. During FDICA the weight of the node changes and triggers the alarm if the change is below the predefined threshold value. MATLAB software is used to evaluate the performance of the proposed method under different conditions. Simulation results indicate that the proposed method detects the FDICA in minimal time increasing the resilience capability of the smart grid.

The increasing using of IoT technologies in the industrial sector creates new challenges for the information security of such systems. Using IoT-devices for building SCADA systems cause standard protocols and public networks for data transmitting. Commercial off-the-shelf devices and systems are a new base for industrial control systems, which have high-security risks. There are some useful models are exist for security analysis of information systems, but they do not take into account IoT architecture. The nested attributed metagraph model for the security of IoT-based solutions is proposed and discussed.

Cloud computing is a new kind of computing model which allows users to effectively rent virtualized computing resources on pay as you go model. It offers many advantages over traditional models in IT industries and healthcare as well. However, there is lack of trust between CSUs and CSPs to prevent the extensive implementation of cloud technologies amongst industries. Different models are developed to overcome the uncertainty and complexity between CSP and CSU regarding suitability. Several researchers focused on resource optimization, scheduling and service dependability in cloud computing by using fuzzy logic. But, data storage and security using fuzzy logic have been ignored. In this paper, a trust evaluation model is proposed for cloud computing security using fuzzy theory. Authors evaluates how fuzzy logic increases efficiency in trust evaluation. To validate the effectiveness of proposed FTEM, authors presents a case study of healthcare organization.

In this digital era, technology is upgrading day by day and becoming more agile and intelligent. Smart devices and gadgets are now being used to find solutions to complex problems in various domains such as health care, industries, entertainment, education, etc. The Transport system, which is the biggest challenge for any governing authority of a state, is also not untouched with this development. There are numerous challenges and issues with the existing transport system, which can be addressed by developing intelligent and autonomous vehicles. The existing vehicles can be upgraded to use sensors and the latest communication techniques. The advancements in the Internet of Things (IoT) have the potential to completely transform the existing transport system to a more advanced and intelligent transport system that is the Internet of Vehicles (IoV). Due to the connectivity with the Internet, the Internet of Vehicles (IoV) is exposed to various security threats. Security is the primary issue, which requires to be addressed for success and adoption of the IoV. In this paper, the applicability of machine learning based solutions to address the security issue of IoV is analyzed. The performance of six machine-learning algorithms to detect Bot threats is validated by the k-fold cross-validation method in python.

This paper presents a new micro-architectural vulnerability on the power management units of modern computers which creates an electromagnetic-based side-channel. The key observations that enable us to discover this sidechannel are: 1) in an effort to manage and minimize power consumption, modern microprocessors have a number of possible operating modes (power states) in which various sub-systems of the processor are powered down, 2) for some of the transitions between power states, the processor also changes the operating mode of the voltage regulator module (VRM) that supplies power to the affected sub-system, and 3) the electromagnetic (EM) emanations from the VRM are heavily dependent on its operating mode. As a result, these state-dependent EM emanations create a side-channel which can potentially reveal sensitive information about the current state of the processor and, more importantly, the programs currently being executed. To demonstrate the feasibility of exploiting this vulnerability, we create a covert channel by utilizing the changes in the processor's power states. We show how such a covert channel can be leveraged to exfiltrate sensitive information from a secured and completely isolated (air-gapped) laptop system by placing a compact, inexpensive receiver in proximity to that system. To further show the severity of this attack, we also demonstrate how such a covert channel can be established when the target and the receiver are several meters away from each other, including scenarios where the receiver and the target are separated by a wall. Compared to the state-of-the-art, the proposed covert channel has \textbackslashtextgreater3x higher bit-rate. Finally, to demonstrate that this new vulnerability is not limited to being used as a covert channel, we demonstrate how it can be used for attacks such as keystroke logging.

In Robotics Operating System Process correspondence is the instrument given by the working framework that enables procedures to speak with one another Message passing model enables different procedures to peruse and compose information to the message line without being associated with one another, messages going between Robots. ROS is intended to be an inexactly coupled framework where a procedure is known as a hub and each hub ought to be answerable for one assignment. In the military application robots will go to go about as an officer and going ensure nation. In the referenced idea robot solider will give the message passing idea then the officers will go caution and start assaulting on the foes.

Internet is the most widely used technology in the current era of information technology and it is embedded in daily life activities. Due to its extensive use in everyday life, it has many applications such as social media (Face book, WhatsApp, messenger etc.,) and other online applications such as online businesses, e-counseling, advertisement on websites, e-banking, e-hunting websites, e-doctor appointment and e-doctor opinion. The above mentioned applications of internet technology makes things very easy and accessible for human being in limited time, however, this technology is vulnerable to various security threats. A vital and severe threat associated with this technology or a particular application is “Phishing attack” which is used by attacker to usurp the network security. Phishing attacks includes fake E-mails, fake websites, fake applications which are used to steal their credentials or usurp their security. In this paper, a detailed overview of various phishing attacks, specifically their background knowledge, and solutions proposed in literature to address these issues using various techniques such as anti-phishing, honey pots and firewalls etc. Moreover, installation of intrusion detection systems (IDS) and intrusion detection and prevention system (IPS) in the networks to allow the authentic traffic in an operational network. In this work, we have conducted end use awareness campaign to educate and train the employs in order to minimize the occurrence probability of these attacks. The result analysis observed for this survey was quite excellent by means of its effectiveness to address the aforementioned issues.

With the increase of the information level of SCADA system in recent years, the attacks against SCADA system are also increasing. Therefore, more and more scholars are beginning to study the safety of SCADA systems. Game theory is a balanced decision involving the main body of all parties. In recent years, domestic and foreign scholars have applied game theory to SCADA systems to achieve active defense. However, their research often focuses on the entire SCADA system, and the game theory is solved for the entire SCADA system, which is not flexible enough, and the calculation cost is also high. In this paper, a dynamic local game model (DLGM) for power SCADA system is proposed. This model first obtains normal data to form a whitelist, then dynamically detects each attack of the attacker's SCADA system, and through white list to determine the node location of the SCADA system attacked by the attacker, then obtains the smallest system attacked by SCADA system, and finally performs a local dynamic game algorithm to find the best defense path. Experiments show that DLGM model can find the best defense path more effectively than other game strategies.

Nowadays, there is a flood of data such as naked body photos and child pornography, which is making people bloodless. In addition, people also distribute drugs through unknown dark channels. In particular, most transactions are being made through the Deep Web, the dark path. “Deep Web refers to an encrypted network that is not detected on search engine like Google etc. Users must use Tor to visit sites on the dark web” [4]. In other words, the Dark Web uses Tor's encryption client. Therefore, users can visit multiple sites on the dark Web, but not know the initiator of the site. In this paper, we propose the key idea based on the current status of such crimes and a crime information visual system for Deep Web has been developed. The status of deep web is analyzed and data is visualized using Java. It is expected that the program will help more efficient management and monitoring of crime in unknown web such as deep web, torrent etc.

Password Guessing Attacks, for instance, Brute Force and word reference ambushes on online records are directly wide spread. Guarding the ambushes and giving the accommodating login the genuine customers together is a problematic endeavour. The present structures are lacking to give both the security and solace together. Phishing is a digital assault that targets credulous online clients fooling into uncovering delicate data, for example, username, secret key, standardized savings number or charge card number and so forth. Assailants fool the Internet clients by concealing site page as a dependable or real page to recover individual data. Password Guessing Attacks Resistance Protocol (PGARP) limits the full-scale number of logins attempts from darken remote hosts to as low as a single undertaking for each username, genuine customers all around (e.g., when tries are created utilizing known, occasionally used machines) can make a couple failed login tries before being tried with an ATT. A specific most distant point will be made to oblige the number of failed attempts with the ATT in order to keep the attacks. After the failed login attempt with ATT limit accomplished, an admonition will be sent to the customer concerning the failed login tries have accomplished the best measurement. This admonition will caution the customer and the customer will be urged to change the mystery expression and security question.

Named Data Network's (NDN) data-centric approach makes it a suitable solution in a networking scenario where there are connectivity issues as a result of the dynamism of the network. Coupling of this ability with the blockchain's well-documented immutable trustworthy-distributed ledger feature, the union of blockchain and NDN in an Internet-of-Battlefield-Things (IoBT) setting could prove to be the ideal alliance that would guarantee data exchanged in an IoBT environment is trusted and less susceptible to cyber-attacks and packet losses. Various blockchain technologies, however, require that each node has a ledger that stores information or transactions in a chain of blocks. This poses an issue as nodes in an IoBT setting have varying computing and storage resources. Moreover, most of the nodes in the IoT/IoBT network are plagued with limited resources. As such, there needs to be an approach that ensures that the limited resources of these nodes are efficiently utilized. In this paper, we investigate an approach that merges blockchain and NDN to efficiently utilize the resources of these resource-constrained nodes by only storing relevant information on each node's ledger. Furthermore, we propose a sharding technique called an Interest Group and introduce a novel consensus mechanism called Proof of Common Interest. Performance of the proposed approach is evaluated using numerical results.

A significant percentage of cyber security incidents can be prevented by changing human behaviors. The humans in the loop include the system administrators, software developers, end users and the personnel responsible for securing the system. Each of these group of people work in a given context and are affected by both soft factors such as management influences and workload and more tangible factors in the real world such as errors in procedures and scanning devices, faulty code or the usability of the systems they work with.

Complex CPS such as UAS got rapid development these years, but also became vulnerable to GPS spoofing, packets injection, buffer-overflow and other malicious attacks. Ensuring the behaviors of UAS always keeping secure no matter how the environment changes, would be a prospective direction for UAS security. This paper aims at presenting a reactive synthesis-based approach to implement the automatic generation of secure UAS controller. First, we study the operating mechanism of UAS and construct a high-Ievel model consisting of actuator and monitor. Besides, we analyze the security threats of UAS from the perspective of hardware, software and data transmission, and then extract the corresponding specifications of security properties with LTL formulas. Based on the UAS model and security specifications, the controller can be constructed by GR(1) synthesis algorithm, which is a two-player game process between UAV and Environment. Finally, we expand the function of LTLMoP platform to construct the automatons for controller in multi-robots system, which provides secure behavior strategies under several typical UAS attack scenarios.

Malicious login, especially lateral movement, has been a primary and costly threat for enterprises. However, there exist two critical challenges in the existing methods. Specifically, they heavily rely on a limited number of predefined rules and features. When the attack patterns change, security experts must manually design new ones. Besides, they cannot explore the attributes' mutual effect specific to login operations. We propose MLTracer, a graph neural network (GNN) based system for detecting such attacks. It has two core components to tackle the previous challenges. First, MLTracer adopts a novel method to differentiate crucial attributes of login operations from the rest without experts' designated features. Second, MLTracer leverages a GNN model to detect malicious logins. The model involves a convolutional neural network (CNN) to explore attributes of login operations, and a co-attention mechanism to mutually improve the representations (vectors) of login attributes through learning their login-specific relation. We implement an evaluation of such an approach. The results demonstrate that MLTracer significantly outperforms state-of-the-art methods. Moreover, MLTracer effectively detects various attack scenarios with a remarkably low false positive rate (FPR).

Due to environmental influence and technology limitation, a wireless sensor/sensors module can neither store or process all raw data locally nor reliably forward it to a destination in heterogeneous IoT environment. As a result, the data collected by the IoT's sensors are inherently noisy, unreliable, and may trigger many false alarms. These false or misleading data can lead to wrong decisions once the data reaches end entities. Therefore, it is highly recommended and desirable to acquire trustworthy data before data transmission, aggregation, and data storing at the end entities/cloud. In this paper, we propose an In-network Generalized Trustworthy Data Collection (IGTDC) framework for trustworthy data acquisition and faulty sensor detection in the IoT environment. The key idea of IGTDC is to allow a sensor's module to examine locally whether the raw data is trustworthy before transmitting towards upstream nodes. It further distinguishes whether the acquired data can be trusted or not before data aggregation at the sink/edge node. Besides, IGTDC helps to recognize a faulty or compromised sensor. For a reliable data collection, we use collaborative IoT technique, gate-level modeling, and programmable logic device (PLD) to ensure that the acquired data is reliable before transmitting towards upstream nodes/cloud. We use a hardware-based technique called “Gray Code” to detect a faulty sensor. Through simulations we reveal that the acquired data in IGTDC framework is reliable that can make a trustworthy data collection for event detection, and assist to distinguish a faulty sensor.

This work uses adversarial perturbations to enhance deepfake images and fool common deepfake detectors. We created adversarial perturbations using the Fast Gradient Sign Method and the Carlini and Wagner L2 norm attack in both blackbox and whitebox settings. Detectors achieved over 95% accuracy on unperturbed deepfakes, but less than 27% accuracy on perturbed deepfakes. We also explore two improvements to deep-fake detectors: (i) Lipschitz regularization, and (ii) Deep Image Prior (DIP). Lipschitz regularization constrains the gradient of the detector with respect to the input in order to increase robustness to input perturbations. The DIP defense removes perturbations using generative convolutional neural networks in an unsupervised manner. Regularization improved the detection of perturbed deepfakes on average, including a 10% accuracy boost in the blackbox case. The DIP defense achieved 95% accuracy on perturbed deepfakes that fooled the original detector while retaining 98% accuracy in other cases on a 100 image subsample.

Neural Network Physical Unclonable Function (NN-PUF) has been proposed for the secure implementation of Edge AI. This study evaluates the tamper resistance of NN-PUF against machine learning attacks. The machine learning attack in this study learns CPRs using deep learning. As a result of the evaluation experiment, the machine learning attack predicted about 82% for CRPs. Therefore, this study revealed that NN-PUF is vulnerable to machine learning attacks.

With the shift in storage paradigm, there is an increasing need for privacy of dataset and also for an encryption scheme that permits computation on encrypted data. Paillier cryptosystem is a good example of such a homomorphic encryption scheme. To improve the efficiency of the Paillier homomorphic encryption scheme in terms of its decryption speed and overall computational cost, we propose an improved decryption process. Specifically, the inclusion of a variable k to reduce the modular multiplicative arithmetic. The variable k is combined with the L function and CRT recombination method, to arrive at a fast and improved decryption process, showing the mathematical correctness of the decryption algorithm. Experimental results validate that our scheme is significantly efficient in its decryption speed.

This paper proposes a method that offers much higher security for Iseki's fully homomorphic encryption (FHE), a recently proposed secure computation scheme. The key idea is re-encrypting already encrypted data. This second encryption is executed using new common keys, whereby two or more encryptions offer much stronger security.