Biblio
Filters: Keyword is privacy
Adversary Instantiation: Lower Bounds for Differentially Private Machine Learning. 2021 IEEE Symposium on Security and Privacy (SP). :866–882.
2021. Differentially private (DP) machine learning allows us to train models on private data while limiting data leakage. DP formalizes this data leakage through a cryptographic game, where an adversary must predict if a model was trained on a dataset D, or a dataset D′ that differs in just one example. If observing the training algorithm does not meaningfully increase the adversary's odds of successfully guessing which dataset the model was trained on, then the algorithm is said to be differentially private. Hence, the purpose of privacy analysis is to upper bound the probability that any adversary could successfully guess which dataset the model was trained on. In our paper, we instantiate this hypothetical adversary in order to establish lower bounds on the probability that this distinguishing game can be won. We use this adversary to evaluate the importance of the adversary capabilities allowed in the privacy analysis of DP training algorithms. For DP-SGD, the most common method for training neural networks with differential privacy, our lower bounds are tight and match the theoretical upper bound. This implies that in order to prove better upper bounds, it will be necessary to make use of additional assumptions. Fortunately, we find that our attacks are significantly weaker when additional (realistic) restrictions are put in place on the adversary's capabilities. Thus, in the practical setting common to many real-world deployments, there is a gap between our lower bounds and the upper bounds provided by the analysis: differential privacy is conservative and adversaries may not be able to leak as much information as suggested by the theoretical bound.
AE-DCNN: Autoencoder Enhanced Deep Convolutional Neural Network For Malware Classification. 2021 International Conference on Intelligent Technologies (CONIT). :1–5.
2021. Malware classification is a problem of great significance in the domain of information security. This is because the classification of malware into respective families helps in determining their intent, activity, and level of threat. In this paper, we propose a novel deep learning approach to malware classification. The proposed method converts malware executables into image-based representations. These images are then classified into different malware families using an autoencoder enhanced deep convolutional neural network (AE-DCNN). In particular, we propose a novel training mechanism wherein a DCNN classifier is trained with the help of an encoder. We conjecture that using an encoder in the proposed way provides the classifier with the extra information that is perhaps lost during the forward propagation, thereby leading to better results. The proposed approach eliminates the use of feature engineering, reverse engineering, disassembly, and other domain-specific techniques earlier used for malware classification. On the standard Malimg dataset, we achieve a 10-fold cross-validation accuracy of 99.38% and F1-score of 99.38%. Further, due to the texture-based analysis of malware files, the proposed technique is resilient to several obfuscation techniques.
Analysis for crime prevention using ICT. A review of the scientific literature from 2015 – 2021. 2021 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies (CHILECON). :1–6.
2021. Crime is a social problem that after the confinement of COVID-19 has increased significantly worldwide, which is why it is important to know what technological tools can be used to prevent criminal acts. In the present work, a systemic analysis was carried out to determine the importance of how to prevent crime using new information technologies. Fifty research articles were selected between 2015 and 2021. The information was obtained from different databases such as IEEE Xplore, Redalyc, Scopus, SciELO and Medline. Keywords were used to delimit the search and be more precise in our inquiry on the web. The results obtained show specific information on how to prevent crime using new information technologies. We conclude that new information technologies help to prevent crime since several developed countries have implemented their security system effectively, while underdeveloped countries do not have adequate technologies to prevent crime.
Analysis of Data Transforming Technology for Malware Detection. 2021 21st ACIS International Winter Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD-Winter). :224–229.
2021. As AI technology advances and its use increases, efforts to incorporate machine learning for malware detection are increasing. However, for malware learning, a standardized data set is required. Because malware is unstructured data, it cannot be directly learned. In order to solve this problem, many studies have attempted to convert unstructured data into structured data. In this study, the features and limitations of each were analyzed by investigating and analyzing the method of converting unstructured data proposed in each study into structured data. As a result, most of the data conversion techniques suggest conversion mechanisms, but the scope of each technique has not been determined. The resulting data set is not suitable for use as training data because it has infinite properties.
Analysis of network security and privacy security based on AI in IOT environment. 2021 IEEE 4th International Conference on Information Systems and Computer Aided Education (ICISCAE). :390–393.
2021. With the development of information technology, the Internet of things (IOT) has gradually become the third wave of global information industry revolution after computer and Internet. Artificial intelligence (AI) and IOT technology is an important prerequisite for the rapid development of the current information society. However, while AI and IOT technologies bring convenient and intelligent services to people, they also have many defects and imperfect development. Therefore, it is necessary to pay more attention to the development of AI and IOT technologies, actively improve the application system, and create a network security management system for AI and IOT applications that can timely detect intrusion, assess risk and prevent viruses. In this paper, the network security risks caused by AI and IOT applications are analyzed. Therefore, in order to ensure the security of IOT environment, network security and privacy security have become the primary problems to be solved, and management should be strengthened from technical to legal aspects.
On the Anonymity Guarantees of Anonymous Proof-of-Stake Protocols. 2021 IEEE Symposium on Security and Privacy (SP). :1818–1833.
2021. In proof-of-stake (PoS) blockchains, stakeholders that extend the chain are selected according to the amount of stake they own. In S&P 2019 the "Ouroboros Crypsinous" system of Kerber et al. (and concurrently Ganesh et al. in EUROCRYPT 2019) presented a mechanism that hides the identity of the stakeholder when adding blocks, hence preserving anonymity of stakeholders both during payment and mining in the Ouroboros blockchain. They focus on anonymizing the messages of the blockchain protocol, but suggest that potential identity leaks from the network-layer can be removed as well by employing anonymous broadcast channels. In this work we show that this intuition is flawed. Even ideal anonymous broadcast channels do not suffice to protect the identity of the stakeholder who proposes a block. We make the following contributions. First, we show a formal network-attack against Ouroboros Crypsinous, where the adversary can leverage network delays to distinguish who is the stakeholder that added a block on the blockchain. Second, we abstract the above attack and show that whenever the adversary has control over the network delay – within the synchrony bound – loss of anonymity is inherent for any protocol that provides liveness guarantees. We do so, by first proving that it is impossible to devise a (deterministic) state-machine replication protocol that achieves basic liveness guarantees and better than (1-2f) anonymity at the same time (where f is the fraction of corrupted parties). We then connect this result to the PoS setting by presenting the tagging and reverse tagging attack that allows an adversary, across several executions of the PoS protocol, to learn the stake of a target node, by simply delaying messages for the target. We demonstrate that our assumption on the delaying power of the adversary is realistic by describing how our attack could be mounted over the Zcash blockchain network (even when Tor is used). We conclude by suggesting approaches that can mitigate such attacks.
API-Based Ransomware Detection Using Machine Learning-Based Threat Detection Models. 2021 18th International Conference on Privacy, Security and Trust (PST). :1–7.
2021. Ransomware is a major malware attack experienced by large corporations and healthcare services. Ransomware employs the idea of cryptovirology, which uses cryptography to design malware. The goal of ransomware is to extort ransom by threatening the victim with the destruction of their data. Ransomware typically involves a 3-step process: analyzing the victim’s network traffic, identifying a vulnerability, and then exploiting it. Thus, the detection of ransomware has become an important undertaking that involves various sophisticated solutions for improving security. To further enhance ransomware detection capabilities, this paper focuses on an Application Programming Interface (API)-based ransomware detection approach in combination with machine learning (ML) techniques. The focus of this research is (i) understanding the life cycle of ransomware on the Windows platform, (ii) dynamic analysis of ransomware samples to extract various features of malicious code patterns, and (iii) developing and validating machine learning-based ransomware detection models on different ransomware and benign samples. Data were collected from publicly available repositories and subjected to sandbox analysis for sampling. The sampled datasets were applied to build machine learning models. The grid search hyperparameter optimization algorithm was employed to obtain the best fit model; the results were cross-validated with the testing datasets. This analysis yielded a high ransomware detection accuracy of 99.18% for Windows-based platforms and shows the potential for achieving high-accuracy ransomware detection capabilities when using a combination of API calls and an ML model. This approach can be further utilized with existing multilayer security solutions to protect critical data from ransomware attacks.
Augmented Reality Search to Improve Searching Using Augmented Reality. 2021 6th International Conference for Convergence in Technology (I2CT). :1–5.
2021. In the current scenario we are facing the issue of real view, which is that objects are dealt with as images or in the virtual world; for such kinds of difficulties Augmented Reality (AR) has come into existence. This paper deals with Augmented Reality Search (ARS). In Augmented Reality Search (ARS), the user just has to make a voice command and ARS will provide a real view of that object. Consider a real-world scenario where a student searches for NIT Bangalore; it will then show the real view of that campus.
An Authenticated Key Agreement Scheme for Secure Communication in Smart Grid. 2021 International Conference on COMmunication Systems & NETworkS (COMSNETS). :447–455.
2021. Rapid development of wireless technologies has driven the evolution of smart grid application. In smart grid, authentication plays an important role for secure communication between smart meter and service provider. Hence, the design of secure authenticated key agreement schemes has received significant attention from researchers. In these schemes, a trusted third party directly participates in key agreement process. Although this third party is assumed to be trusted, we cannot reject the possibility that, being a third party, it can also be malicious. In the existing works, either the established session key is revealed to the agents of a trusted third party, or a trusted third party agent can impersonate the smart meter and establish a valid session key with the service provider, which is likely to cause security vulnerabilities. Therefore, there is a need to design a secure authentication scheme so that only the deserving entities involved in the communication can establish and know the session key. This paper proposes a new secure authenticated key agreement scheme for smart grid considering the fact that the third party can also be malicious. The security of the proposed scheme has been thoroughly evaluated using an adversary model. Correctness of the scheme has been analyzed using the broadly accepted Burrows-Abadi-Needham (BAN) Logic. In addition, the formal security verification of the proposed scheme has been performed using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool. Results of this simulation confirm that the proposed scheme is safe. Detailed security analysis shows the robustness of the scheme against various known attacks. Moreover, the comparative performance study of the proposed scheme with other relevant schemes is presented to demonstrate its practicality.
Automated Threat Analysis and Management in a Continuous Integration Pipeline. 2021 IEEE Secure Development Conference (SecDev). :30–37.
2021. Security and privacy threat modeling is commonly applied to systematically identify and address design-level security and privacy concerns in the early stages of architecture and design. Identifying and resolving these threats should remain a continuous concern during the development lifecycle. Especially with contemporary agile development practices, a single-shot upfront analysis becomes quickly outdated. Despite it being explicitly recommended by experts, existing threat modeling approaches focus largely on early development phases and provide limited support during later implementation phases. In this paper, we present an integrated threat analysis toolchain to support automated, continuous threat elicitation, assessment, and mitigation as part of a continuous integration pipeline in the GitLab DevOps platform. This type of automation allows for continuous attention to security and privacy threats during development at the level of individual commits, supports monitoring and managing the progress in addressing security and privacy threats over time, and enables more advanced and fine-grained analyses such as assessing the impact of proposed changes in different code branches or merge/pull requests by analyzing the changes to the threat model.
Automatic Generation of Different Malware. 2021 29th Signal Processing and Communications Applications Conference (SIU). :1–4.
2021. The use of mobile devices has increased dramatically in recent years. These smart devices allow us to easily perform many functions such as e-mail, internet, Bluetooth, SMS and MMS without restriction of time and place. Thus, these devices have become an indispensable part of our lives today. Due to this high usage, malware developers have turned to this platform and many mobile malware has emerged in recent years. Many security companies and experts have developed methods to protect our mobile devices. In this study, in order to contribute to mobile malware detection and analysis, an application has been implemented that automatically injects payload into normal apk. With this application, it is aimed to create a data set that can be used by security companies and experts.
Behavior Analysis based on Local Object Tracking and its Bed-exit Application. 2021 IEEE 4th International Conference on Knowledge Innovation and Invention (ICKII). :101–104.
2021. Human behavior analysis is the process that consists of activity monitoring and behavior recognition and has become the core component of intelligent applications such as security surveillance and fall detection. Generally, the techniques involved in behavior recognition include sensor and vision-based processing. During the process, the activity information is typically required to ensure a good recognition performance. On the other hand, the privacy issue attracts much attention and requires a limited range of activity monitoring accordingly. We study behavior analysis for such privacy-oriented applications. A local object tracking (LOT) technique based on an infrared sensor array is developed in a limited monitoring range and is further realized to a practical bed-exit system in the clinical test environment. The experimental results show a correct recognition rate of 99% for 6 bedside activities. In addition, 89% of participants in a satisfaction survey agree on its effectiveness.
BioCanCrypto: An LDPC Coded Bio-Cryptosystem on Fingerprint Cancellable Template. 2021 IEEE International Joint Conference on Biometrics (IJCB). :1–8.
2021. Biometrics as a means of personal authentication has demonstrated strong viability in the past decade. However, directly deriving a unique cryptographic key from biometric data is a non-trivial task due to the fact that biometric data is usually noisy and presents large intra-class variations. Moreover, biometric data is permanently associated with the user, which leads to security and privacy issues. Cancellable biometrics and bio-cryptosystem are two main branches to address those issues, yet both approaches fall short in terms of accuracy performance, security, and privacy. In this paper, we propose a Bio-Crypto system on fingerprint Cancellable template (Bio-CanCrypto), which bridges cancellable biometrics and bio-cryptosystem to achieve a middle-ground for alleviating the limitations of both. Specifically, a cancellable transformation is applied on a fixed-length fingerprint feature vector to generate cancellable templates. Next, an LDPC coding mechanism is introduced into a reusable fuzzy extractor scheme and used to extract the stable cryptographic key from the generated cancellable templates. The proposed system can achieve both cancellability and reusability in one scheme. Experiments are conducted on a public fingerprint dataset, i.e., FVC2002. The results demonstrate that the proposed LDPC coded reusable fuzzy extractor is effective and promising.
Blockchain Based Privacy Aware Distributed Access Management Framework for Industry 4.0. 2021 IEEE 30th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE). :51–56.
2021. With the development of various technologies, the modern industry has been promoted to a new era known as Industry 4.0. Within such paradigm, smart factories are becoming widely recognized as the fundamental concept. These systems generate and exchange vast amounts of privacy-sensitive data, which makes them attractive targets of attacks and unauthorized access. To improve privacy and security within such environments, a more decentralized approach is seen as the solution to allow their long-term growth. Currently, the blockchain technology represents one of the most suitable candidate technologies able to support distributed and secure ecosystem for Industry 4.0 while ensuring reliability, information integrity and access authorization. Blockchain based access control frameworks address encountered challenges regarding the confidentiality, traceability and notarization of access demands and procedures. However significant additional fears are raised about entities' privacy regarding access history and shared policies. In this paper, our main focus is to ensure strong privacy guarantees over the access control related procedures regarding access requester sensitive attributes and shared access control policies. The proposed scheme called PDAMF based on ring signatures adds a privacy layer for hiding sensitive attributes while keeping the verification process transparent and public. Results from a real implementation plus performance evaluation prove the proposed concept and demonstrate its feasibility.
Blockchain Based Vehicle Authentication Scheme for Vehicular Ad-hoc Networks. 2021 IEEE Intelligent Vehicles Symposium Workshops (IV Workshops). :1–6.
2021. Vehicular Ad Hoc Network (VANET) is a pervasive network, where vehicles communicate with nearby vehicles and infrastructure nodes, such as Road-side unit (RSU). Information sharing among vehicles is an essential component of an intelligent transportation system (ITS), but security and privacy concerns must be taken into consideration. Security of the network can be improved by granting access only to authenticated vehicles and restricting or revoking access for vehicles involved in misbehavior. In this paper, we present a novel blockchain based approach to authenticate vehicles and notify other vehicles about any unauthorized messages in real time. This helps protect other vehicles in the network from making critical decisions based on false or inaccurate information. In the proposed architecture, vehicles communicate with each other using pseudonyms or pseudo IDs and the Blockchain is used to securely maintain the real identity of all vehicles, which can be linked to the pseudo IDs if needed. The goal is to protect privacy of individual vehicles, while still ensuring accountability in case of misbehavior. The performance of the proposed approach is evaluated for different vehicle and attacker densities, and results demonstrate it has lower authentication delay and communication overhead compared to existing approaches.
A Blockchain-Assisted Privacy-Preserving Cloud Computing Method with Multiple Keys. 2021 IEEE 6th International Conference on Smart Cloud (SmartCloud). :19–25.
2021. How to analyze users' data without compromising individual privacy is an important issue in cloud computing. In order to protect privacy and enable the cloud to perform computing, users can apply homomorphic encryption schemes to their data. Most of existing homomorphic encryption-based cloud computing methods require that users' data are encrypted with the same key. While in practice, different users may prefer to use different keys. In this paper, we propose a privacy-preserving cloud computing method which adopts a double-trapdoor homomorphic encryption scheme to deal with the multi-key issue. The proposed method uses two cloud servers to analyze users' encrypted data. And we propose to use blockchain to monitor the information exchanged between the servers. Security analysis shows that the introduction of blockchain can help to prevent the two servers from colluding with each other, hence data privacy is further enhanced. And we conduct simulations to demonstrate the feasibility of the proposed method.
Blockchain-Based Platform for Secure Sharing and Validation of Vaccination Certificates. 2021 14th International Conference on Security of Information and Networks (SIN). 1:1–8.
2021. The COVID-19 pandemic has recently emerged as a worldwide health emergency that necessitates coordinated international measures. To contain the virus's spread, governments and health organisations raced to develop vaccines that would lower COVID-19 morbidity, relieve pressure on healthcare systems, and allow economies to open. Following the COVID-19 vaccine, the vaccination certificate has been adopted to help the authorities formulate policies by controlling cross-border travelling. To address serious privacy concerns and eliminate the need for third parties to retain the trust and govern user data, in this paper, we leverage blockchain technologies in developing a secure and verifiable vaccination certificate. Our approach has the advantage of utilising a hybrid approach that implements different advanced technologies, such as the self-sovereignty concept, smart contracts and InterPlanetary File System (IPFS). We rely on verifiable credentials paired with smart contracts to make decisions about who can access the system and provide on-chain verification and validation of the user and issuer DIDs. The approach was further analysed, with a focus on performance and security. Our analysis shows that our solution satisfies the security requirements for immunisation certificates.
Ciphertext-Policy Attribute-Based Encryption for General Circuits in Cloud Computing. 2021 International Conference on Control, Automation and Information Sciences (ICCAIS). :620–625.
2021. Driven by the development of Internet and information technology, cloud computing has been widely recognized and accepted by the public. However, with the occurrence of more and more information leakage, cloud security has also become one of the core problems of cloud computing. As one of the methods of resolving it, ciphertext-policy attribute-based encryption (CP-ABE), by embedding access policy into ciphertext, can enable the data owner to decide which attributes can access ciphertext. It achieves ensuring data confidentiality with realizing fine-grained access control. However, the traditional access policy has some limitations. Compared with other access policies, the circuit-based access policy ABE supports more flexible access control to encrypted data. But there are still many challenges in the existing circuit-based access policy ABE, such as privacy leakage and low efficiency. Motivated by the above, a new circuit-based access policy ABE is proposed. By converting the multi output OR gates in monotonic circuit, the backtracking attacks in circuit access structure are avoided. In order to overcome the low efficiency caused by circuit conversion, outsourcing computing is adopted in the Encryption/Decryption algorithms, which decreases the computing overhead for data owners and users to a constant level. Security analysis shows that the scheme is secure under the decision bilinear Diffie-Hellman (DBDH) assumption. Numerical results show the proposed scheme has a higher computation efficiency than the other circuit-based schemes.
Cloud Property Graph: Connecting Cloud Security Assessments with Static Code Analysis. 2021 IEEE 14th International Conference on Cloud Computing (CLOUD). :13–19.
2021. In this paper, we present the Cloud Property Graph (CloudPG), which bridges the gap between static code analysis and runtime security assessment of cloud services. The CloudPG is able to resolve data flows between cloud applications deployed on different resources, and contextualizes the graph with runtime information, such as encryption settings. To provide a vendor- and technology-independent representation of a cloud service's security posture, the graph is based on an ontology of cloud resources, their functionalities and security features. We show, using an example, that our CloudPG framework can be used by security experts to identify weaknesses in their cloud deployments, spanning multiple vendors or technologies, such as AWS, Azure and Kubernetes. This includes misconfigurations, such as publicly accessible storages or undesired data flows within a cloud service, as restricted by regulations such as GDPR.
Clustering Based Opcode Graph Generation for Malware Variant Detection. 2021 18th International Conference on Privacy, Security and Trust (PST). :1–11.
2021. Malwares are the key means leveraged by threat actors in the cyber space for their attacks. There is a large array of commercial solutions in the market and significant scientific research to tackle the challenge of the detection and defense against malwares. At the same time, attackers also advance their capabilities in creating polymorphic and metamorphic malwares to make it increasingly challenging for existing solutions. To tackle this issue, we propose a methodology to perform malware detection and family attribution. The proposed methodology first performs the extraction of opcodes from malwares in each family and constructs their respective opcode graphs. We explore the use of clustering algorithms on the opcode graphs to detect clusters of malwares within the same malware family. Such clusters can be seen as belonging to different sub-family groups. Opcode graph signatures are built from each detected cluster. Hence, for each malware family, a group of signatures is generated to represent the family. These signatures are used to classify an unknown sample as benign or belonging to one of the malware families. We evaluate our methodology by performing experiments on a dataset consisting of both benign files and malware samples belonging to a number of different malware families and comparing the results to existing approach.
Comparative Study of Emerging Internet-of-Things in Traffic Management System. 2021 5th International Conference on Trends in Electronics and Informatics (ICOEI). :422–428.
2021. In recent years, the Internet-of-Things (IoT)-based traffic management system (ITMS) has attracted the attention of researchers from different fields, such as the automotive industry, academia and traffic management, due to its ability to enhance road safety and improve traffic efficiency. ITMS uses the Vehicle Ad-hoc Network (VANET) to communicate messages about traffic conditions or the event on the route to ensure the safety of the commuter. ITMS uses wireless communication technology for communication between different devices. Wireless communication has challenges to privacy and security. Challenges such as confidentiality, authentication, integrity, non-repudiation, identity, trust are major concerns of either security or privacy or both. This paper discusses the features of the traffic system, the features of the traffic management system (TMS) and the features of IoT that can be used in TMS with its challenges. Further, this paper analyses the work done in the last few years with the future scope of IoT in the TMS.
A Comparison Based Approach on Mutual Authentication and Key Agreement Using DNA Cryptography. 2021 Fourth International Conference on Electrical, Computer and Communication Technologies (ICECCT). :1–6.
2021. Cryptography is the science of encryption and decryption of data using the techniques of mathematics to achieve secure communication. This enables the user to send the data in an insecure channel. These channels are usually vulnerable to security attacks due to the data that they possess. A lot of work is being done these days to protect data and data communication. Hence securing them is the utmost concern. In recent times a lot of researchers have come up with different cryptographic techniques to protect the data over the network. One such technique used is DNA cryptography. The proposed approach employs a DNA sequencing-based encoding and decoding mechanism. The data is secured over the network using a secure authentication and key agreement procedure. A significant amount of work is done to show how DNA cryptography is secure when compared to other forms of cryptography techniques over the network.
A Comprehensive Survey on Vehicular Ad Hoc Networks (VANETs). 2021 International Conference on Advanced Computer Applications (ACA). :156–160.
2021. Vehicle Ad-hoc Networks (VANETs) have recently become an active research area. This is because of its important applications in the transportation field in which vehicles have severe position during activities of daily living in persons. In this paper, the basic background of the VANET from the Intelligent Transportation System (ITS), Mobile Ad-hoc Networks (MANETs), VANET standard and VANET characteristics are discussed. Second, the architecture from components and communications of the system are presented. Then, the critical challenges and future perspectives in this field are comprehensively reviewed. This paper could serve as a guide and reference in the design and development of any new techniques for VANETs. Moreover, this paper may help researchers and developers in the selection of the main features of VANET for their goals in one single document.
Compression Optimization For Automatic Verification of Network Configuration. 2021 6th International Conference on Intelligent Computing and Signal Processing (ICSP). :1409–1412.
2021. In the era of big data and artificial intelligence, computer networks have become an important infrastructure, and the Internet has become ubiquitous. The most basic property of computer networks is reachability. The needs of the modern Internet mainly include cost, performance, reliability, and security. However, even for experienced network engineers, it is very difficult to manually configure the network to meet the needs of the modern large-scale Internet. The engineers often make mistakes, which can cause network paralysis, resulting in incalculable losses. Due to the development of automatic reasoning technology, automatic verification of network configuration is used to avoid mistakes. Network verification is at least an NP-C problem, so it is necessary to compress the network to reduce the network scale, thereby reducing the network verification time. This paper proposes a new model of network modeling, which is more suitable for the verification of network configuration on common protocols (such as RIP, BGP). On the basis of the existing compression method, two compression rules are added to compress the modeled network, reducing network verification time and conducting network reachability verification experiments on common networks. The experimental results are slightly better than the current compression methods.
ConDySTA: Context-Aware Dynamic Supplement to Static Taint Analysis. 2021 IEEE Symposium on Security and Privacy (SP). :796–812.
2021. Static taint analyses are widely-applied techniques to detect taint flows in software systems. Although they are theoretically conservative and designed to detect all possible taint flows, static taint analyses almost always exhibit false negatives due to a variety of implementation limitations. Dynamic programming language features, inaccessible code, and the usage of multiple programming languages in a software project are some of the major causes. To alleviate this problem, we developed a novel approach, DySTA, which uses dynamic taint analysis results as additional sources for static taint analysis. However, naïvely adding sources causes static analysis to lose context sensitivity and thus produce false positives. Thus, we developed a hybrid context matching algorithm and corresponding tool, ConDySTA, to preserve context sensitivity in DySTA. We applied REPRODROID [1], a comprehensive benchmarking framework for Android analysis tools, to evaluate ConDySTA. The results show that across 28 apps (1) ConDySTA was able to detect 12 out of 28 taint flows which were not detected by any of the six state-of-the-art static taint analyses considered in ReproDroid, and (2) ConDySTA reported no false positives, whereas nine were reported by DySTA alone. We further applied ConDySTA and FlowDroid to 100 top Android apps from Google Play, and ConDySTA was able to detect 39 additional taint flows (besides 281 taint flows found by FlowDroid) while preserving the context sensitivity of FlowDroid.