Biblio

Network dynamics, such as bandwidth fluctuation and unexpected latency, hurt users' quality of experience (QoE) greatly for media services over the Internet. In this work, we propose a neural adaptive transport (NAT) framework to tackle the network dynamics for Internet-scale interactive media services. The entire NAT system has three major components: a learning based cloud overlay routing (COR) scheme for the best delivery path to bypass the network bottlenecks while offering the minimal end-to-end latency simultaneously; a residual neural network based collaborative video processing (CVP) system to trade the computational capability at client-end for QoE improvement via learned resolution scaling; and a deep reinforcement learning (DRL) based adaptive real-time streaming (ARS) strategy to select the appropriate video bitrate for maximal QoE. We have demonstrated that COR could improve the user satisfaction from 5% to 43%, CVP could reduce the bandwidth consumption more than 30% at the same quality, and DRL-based ARS can maintain the smooth streaming with \textbackslashtextless; 50% QoE improvement, respectively.

NeuronUnityIntgration2.0 (demo video is avilable at http://tiny.cc/u1lz6y) is a plugin for Unity which provides gesture recognition functionalities through the Perception Neuron motion capture suit. The system offers a recording mode, which guides the user through the collection of a dataset of gestures, and a recognition mode, capable of detecting the recorded actions in real time. Gestures are recognized by training Support Vector Machines directly within our plugin. We demonstrate the effectiveness of our application through an experimental evaluation on a newly collected dataset. Furthermore, external applications can exploit NeuronUnityIntgration2.0's recognition capabilities thanks to a set of exposed API.

Major blackouts are due to cascading failures in power systems. These failures usually occur at vulnerable links of the network. To identify these, indicators have already been defined using complex network theory. However, most of these indicators only depend on the topology of the grid; they fail to detect the weak links. We introduce a new metric to identify the vulnerable lines, based on the load-flow equations and the grid geometry. Contrary to the topological indicators, ours is built from the electrical equations and considers the location and magnitude of the loads and of the power generators. We apply this new metric to the IEEE 118-bus system and compare its prediction of weak links to the ones given by an industrial software. The agreement is very well and shows that using our indicator a simple examination of the network and its generator and load distribution suffices to find the weak lines.

Blackboxes are being increasingly used in the vehicular context to store and transmit information related to safety, security and many other applications. The plethora of sensors available at the different parts of the vehicle can provide enriched gathering of the data related to these applications. Nonetheless, to support multiple use cases, the blackbox must be accessible by various actors (e.g. vehicle owner, insurance company, law enforcement authorities). This raises significant challenges regarding the privacy of the data collected and stored in the blackbox. In fact, these data can often lead to tracing back accurate facts about the behaviour of the owner of the vehicle. To cope with this problem, we propose a new blackbox architecture supporting searchable encryption. This feature allows multiple users who are not able to decipher the content of the blackbox to validate properties such as path traceback and velocity. To illustrate the implementation of the proposed technique in practice, we discuss a case study related to post-accident processing by insurance companies.

Power system intelligent terminal equipment is widely used in real-time monitoring, data acquisition, power management, power distribution and other tasks of smart grid. The power system intelligent terminal can obtain various information of users and power companies in the power grid, but there is still a lack of protection means for the connection and communication process of the terminal components. In this paper, a novel method based on improved deep belief network(IDBN) is proposed to accomplish the business-level security monitoring and attack detection of power system terminal. A non-intrusive business-level monitoring platform for power system terminals is established, which uses energy metering intelligent terminals as an example for non-intrusive data collection. Based on this platform, the I-DBN extracts the spatial and temporal attack characteristics of the external monitoring data of the system. Some fault conditions and cyber attacks of the model have been simulated to demonstrate the effectiveness of the proposed detection method and the results show excellent performance. The method and platform proposed in this paper can be extended to other services in the power industry, providing a theoretical basis and implementation method for realizing the security monitoring of power system intelligent terminals from the business level.

In this paper we propose a cryptographic solution that provides non-repudiation and end-to-end security for the electric-vehicle-charging ecosystem as it exists in the Netherlands. It is designed to provide long-term non-repudiation, while allowing for data deletion in order to comply with the GDPR. To achieve this, we use signatures on hashes of individual data fields instead of on the combination of fields directly, and we use Merkle authentication trees to reduce the overhead involved.

In this work we present a novel technique for physical layer security in the Internet-of-Things (IoT) networks. In the proposed architecture, each IoT node generates a phase-modulated random key/data and transmits it to a master node in the presence of an eavesdropper, referred to as Eve. The master node, simultaneously, broadcasts a high power signal using an omni-directional antenna, which is received as interference by Eve. This interference masks the generated key by the IoT node and will result in a higher bit-error rate in the data received by Eve. The two legitimate intended nodes communicate in a full-duplex manner and, consequently, subtract their transmitted signals, as a known reference, from the received signal (self-interference cancellation). We compare our proposed method with a conventional approach to physical layer security based on directional antennas. In particular, we show, using theoretical and measurement results, that our proposed approach provides significantly better security measures, in terms bit error rate (BER) at Eve's location. Also, it is proven that in our novel system, the possible eavesdropping region, defined by the region with BER \textbackslashtextless; 10-1, is always smaller than the reliable communication region with BER \textbackslashtextless; 10-3.

This paper presents a novel logic locking security assessment method based on linear regression, by means of modeling between the distribution probabilities of key-inputs and observable outputs. The algorithm reveals a weakness of the encrypted circuit since the assessment can revoke the key-inputs within several iterations. The experiment result shows that the proposed assessment can be applied to varies of encrypted combinational benchmark circuits, which exceeds 85% of correctness after revoking the encrypted key-inputs.

Anonymous Communication (AC) hides traffic patterns and protects message metadata from being leaked during message transmission. Many practical AC systems have been proposed aiming to reduce communication latency and support a large number of users. However, how to design AC systems which possess strong security property and at the same time achieve optimal performance (i.e., the lowest latency or highest horizontal scalability) has been a challenging problem. In this paper, we propose an ObliComm framework, which consists of six modular AC subroutines. We also present a strong security definition for AC, named oblivious communication, encompassing confidentiality, unobservability, and a new requirement sending-and-receiving operation hiding. The AC subroutines in ObliComm allow for modular construction of oblivious communication systems in different network topologies. All constructed systems satisfy oblivious communication definition and can be provably secure in the universal composability (UC) framework. Additionally, we model the relationship between the network topology and communication measurements by queuing theory, which enables the system's efficiency can be optimized and estimated by quantitative analysis and calculation. Through theoretical analyses and empirical experiments, we demonstrate the efficiency of our scheme and soundness of the queuing model.

Password authentication is the most widely used authentication method in information systems. The traditional proactive password detection method is generally implemented by counting password length, character class number and computing password information entropy to improve password security. However, passwords that pass proactive password detection do not represent that they are secure. In this paper, based on the research of the characteristics of password distribution under big data, we propose an online password guessing method, which collects a dataset of guessing passwords composed of weak passwords, high frequency passwords and personal information related passwords. It is used to guess the 13k password dataset leaked in China's largest ticketing website, China Railways 12306 website. The experimental results show that even if our guess object has passed the strict proactive password detection, we can construct a guessing password dataset contain only 100 passwords, and effectively guess 4.84% of the passwords.

With the disconnected nature of some Automatic Test Systems, there is no possibility for a centralized infrastructure of sense and response in Cybersecurity. For scalability, a cost effective onboard approach will be necessary. In smaller companies where connectivity is not a concern, costly commercial solutions will impede the implementation of surveillance and compliance options. In this paper we propose to demonstrate an open source strategy using freely available Security Technical Implementation Guidelines (STIGs), internet resources, and supporting software stacks, such as OpenScap, HubbleStack, and (ElasticSearch, Logstash, and Kibana (ElasticStack)) to deliver an affordable solution to this problem. OpenScap will provide tools for managing system security and standards compliance. HubbleStack will be employed to automate compliance via its components: NOVA (an auditing engine), Nebula (osquery integration), Pulsar (event system) and Quasar (reporting system). Our intention is utilize NOVA in conjunction with OpenScap to CVE (Common Vulnerabilities and Exposures) scan and netstat for open ports and processes. Additionally we will monitor services and status, firewall settings, and use Nebula's integration of Facebook's osquery to detect vulnerabilities by querying the Operating System. Separately we plan to use Pulsar, a fast file integrity manger, to monitor the integrity of critical files such as system, test, and Hardware Abstraction Layer (HAL) software to ensure the system retains its integrity. All of this will be reported by Quasar, HubbleStack's reporting engine. We will provide situational awareness through the use of the open source Elastic Stack. ElasticSearch is a RESTful search and analytics engine. Logstash is an open source data processing pipeline that enables the ingestion of data from multiple sources sending it through extensible interfaces, in this case ElasticSearch. Kibana supports the visualization of data. Essentially Elastic Stack will be the presentation layer, HubbleStack will be the broker of the data to Elastic Stash, with the other HubbleStack components feeding that data. All of the tools involved are open source in nature, reducing the cost to the overhead required to keep configurations up to date, training on use, and analytics required to review the outputs.

The confinement of light in three dimensions (3D) is an active research topic in Nanophotonics, since it allows for ultimate control over photons [1]. A powerful tool to this end is a 3D photonic band gap crystal with a tailored defect that acts as a cavity or even a waveguide [2]. When a one-dimensional array of cavities is coupled, an intricate waveguiding system appears, known as a CROW (coupled resonator optical waveguide) [3]. Remarkably, 3D superlattices of coupled cavities that resonate inside a 3D band gap have not been studied to date. Recently, theoretical work has predicted the occurrence of "Cartesian light", wherein light propagates by hopping only in high symmetry directions in space [4]. This represents the optical analog of the Anderson model for spins or electrons that is relevant for neuromorphic computing and may lead to intricate lasing [5].

This paper mainly focuses on presenting a novel attack detection system to thread out the risk issues in IoT. The presented attack detection system links the interconnection of DevOps as it creates the correlation between development and IT operations. Further, the presented attack detection model ensures the operational security of different applications. In view of this, the implemented system incorporates two main stages named Proposed Feature Extraction process and Classification. The data from every application is processed with the initial stage of feature extraction, which concatenates the statistical and higher-order statistical features. After that, these extracted features are supplied to classification process, where determines the presence of attacks. For this classification purpose, this paper aims to deploy the optimized Deep Belief Network (DBN), where the activation function is tuned optimally. Furthermore, the optimal tuning is done by a renowned meta-heuristic algorithm called Lion Algorithm (LA). Finally, the performance of proposed work is compared and proved over other conventional methods.

We present a system architecture for autonomic operation, administration and maintenance of both the optical and digital layers within the integrated optical transport network infrastructure. This framework encompasses the end-to-end instrumentation: From equipment commissioning to automatic discovery and bring-up, to self-managed, self-(re)configuring optical transport layer. We leverage prevalent networking protocols to build an autonomic control plane for the optical network elements. Various aspects of security, a critical element for self-managed operations, are addressed. We conclude with a discussion on the interaction with SDN, and how autonomic functions can benefit from these capabilities, a brief survey of standardization activities and scope for future work.

BLE is used to transmit and receive data between sensors and devices. Most of the IOT devices employ BLE for wireless communication because it suits their requirements such as less energy constraints. The major security vulnerabilities in BLE protocol can be used by attacker to perform MITM attacks and hence violating confidentiality and integrity of data. Although BLE 4.2 prevents most of the attacks by employing elliptic-curve diffie-Hellman to generate LTK and encrypt the data, still there are many devices in the market that are using BLE 4.0, 4.1 which are vulnerable to attacks. This paper shows the simple demonstration of possible attacks on BLE devices that use various existing tools to perform spoofing, MITM and firmware attacks. We also discussed the security, privacy and its importance in BLE devices.

Over the last decade, a technology called Internet of Things (IoT) has been evolving at a rapid pace. It enables the development of endless applications in view of availability of affordable components which provide smart ecosystems. The IoT devices are constrained devices which are connected to the internet and perform sensing tasks. Each device is identified by their unique address and also makes use of the Constrained Application Protocol (CoAP) as one of the main web transfer protocols. It is an application layer protocol which does not maintain secure channels to transfer information. For authentication and end-to-end security, Datagram Transport Layer Security (DTLS) is one of the possible approaches to boost the security aspect of CoAP, in addition to which there are many suggested ways to protect the transmission of sensitive information. CoAP uses DTLS as a secure protocol and UDP as a transfer protocol. Therefore, the attacks on UDP or DTLS could be assigned as a CoAP attack. An attack on DTLS could possibly be launched in a single session and a strong authentication mechanism is needed. Man-In-The-Middle attack is one the peak security issues in CoAP as cited by Request For Comments(RFC) 7252, which encompasses attacks like Sniffing, Spoofing, Denial of Service (DoS), Hijacking, Cross-Protocol attacks and other attacks including Replay attacks and Relay attacks. In this work, a client-server architecture is setup, whose end devices communicate using CoAP. Also, a proxy system was installed across the client side to launch an active interception between the client and the server. The work will further be enhanced to provide solutions to mitigate these attacks.

Biometric recognition systems based on ultrasound images have been investigated for several decades, and nowadays ultrasonic fingerprint sensors are fully integrated in portable devices. Main advantage of the Ultrasound over other technologies are the possibility to collect 3D images, allowing to gain information on under-skin features, which improve recognition accuracy and resistance to spoofing. Also, ultrasound images are not sensible to several skin contaminations, humidity and not uniform ambient illumination. An ultrasound system, able to acquire 3D images of the human palm has been recently proposed. In this work, a recognition procedure based on 2D palmprint images collected with this system is proposed and evaluated through verification experiments carried out on a home made database composed of 141 samples collected from 24 users. Perspective of the proposed method by upgrading the recognition procedure to provide a 3D template able to accounts for palm lines' depth are finally highlighted and discussed.

Capturing the patterns in adversarial movement can present crucial insight into team dynamics and organization of cybercrimes. This information can be used for additional assessment and comparison of decision making approaches during cyberattacks. In this study, we propose a data-driven analysis based on time series analysis and social networks to identify patterns and alterations in time allocated to intrusion stages and adversarial movements. The results of this analysis on two case studies of collegiate cybersecurity exercises is provided as well as an analytical comparison of their behavioral trends and characteristics. This paper presents preliminary insight into complexities of individual and group level adversarial movement and decision-making as cyberattacks unfold.

-In wireless networks, Cooperative communication can be used to increase the strength of the communication by means of spatial diversity. Basic idea that exists behind Cooperative communication is, if the transmission from source to destination is not successful, a helping node called relay can be used to send the same information to the destination through independent paths. In order to improve the performance of such communication, channel coding techniques can be used which reduces the Bit Error Rate. Previous works on cooperative communication only concentrated on improving channel capacity through cooperation. Hence this paper presents different Channel coding methods such as Turbo coding, Convolutional coding, and low-density parity-check coding over Rayleigh fading channels in the presence of Additive white Gaussian noise. Performance of these Channel coding techniques are measured in terms of noise power spectral density (NO ) vs. Bit error rate.

Wireless Sensor Networks (WSNs) utilizes many dedicated sensors for large scale networks in order to record and monitor the conditions over the environment. Cluster-Based Wireless Sensor Networks (CBWSNs) elucidates essential challenges like routing, load balancing, and lifetime of a network and so on. Conversely, security relies a major challenge in CBWSNs by limiting its resources or not forwarding the data to the other clusters. Wireless Sensor Networks utilize different security methods to offer secure information transmission. Encryption of information records transferred into various organizations thus utilizing a very few systems are the normal practices to encourage high information security. For the most part, such encoded data and also the recovery of unique data depend on symmetric or asymmetric key sets. Collectively with the evolution of security advances, unfruitful or unauthorized endeavors have been made by different illicit outsiders to snip the transmitted information and mystery keys deviously, bother the transmission procedure or misshape the transmitted information and keys. Sometimes, the limitations made in the correspondence channel, transmitting and receiving devices might weaken information security and discontinue a critical job to perform. Thus, in this paper we audit the current information security design and key management framework in WSN. Based on this audit and recent security holes, this paper recommends a plausible incorporated answer for secure transmission of information and mystery keys to address these confinements. Thus, consistent and secure clusters is required to guarantee appropriate working of CBWSNs.

Secret key generation from wireless channel is an emerging technique of physical layer security. At present, most of the secret key generation schemes use information reconciliation to obtain symmetric keys. This paper introduces a non-interactive information reconciliation scheme based on channel coding and stream encryption, and considering the error correction capability, we design a concatenated code of BCH and RS codes as channel coding. The performance of concatenated error correction code has been analyzed in this scheme. Then, we compare the concatenated code with first-level error correction code in different test environments. Extensive numerical simulations and experiments demonstrate that the decoding performance of this second-level concatenated code is better than the first-level error correction code, and it can also effectively eliminate third-party eavesdropping.

Performance and improved packet handling capacity against high traffic load are important requirements for an effective intrusion detection system (IDS). Snort is one of the most popular open-source intrusion detection system which runs on Linux. This research article discusses ways of enhancing the performance of Snort by modifying Linux key parameters related to NAPI packet reception mechanism within the Linux kernel networking subsystem. Our enhancement overcomes the current limitations related to NAPI throughput. We experimentally demonstrate that current default budget B value of 300 does not yield the best performance of Snort throughput. We show that a small budget value of 14 gives the best Snort performance in terms of packet loss both at Kernel subsystem and at the application level. Furthermore, we compare our results to those reported in the literature, and we show that our enhancement through tuning certain parameters yield superior performance.

In the information era, the size of network traffic is complex because of massive Internet-based services and rapid amounts of data. The more network traffic has enhanced, the more cyberattacks have dramatically increased. Therefore, cybersecurity intrusion detection has been a challenge in the current research area in recent years. The Intrusion detection system requires high-level protection and detects modern and complex attacks with more accuracy. Nowadays, big data analytics is the main key to solve marketing, security and privacy in an extremely competitive financial market and government. If a huge amount of stream data flows within a short period time, it is difficult to analyze real-time decision making. Performance analysis is extremely important for administrators and developers to avoid bottlenecks. The paper aims to reduce time-consuming by using Apache Kafka and Spark Streaming. Experiments on the UNSWNB-15 dataset indicate that the integration of Apache Kafka and Spark Streaming can perform better in terms of processing time and fault-tolerance on the huge amount of data. According to the results, the fault tolerance can be provided by the multiple brokers of Kafka and parallel recovery of Spark Streaming. And then, the multiple partitions of Apache Kafka increase the processing time in the integration of Apache Kafka and Spark Streaming.

Wireless communication network (WCN) performance is primarily depends on physical layer security which is critical among all other layers of OSI network model. It is typically prone to anomaly/malicious user's attacks owing to openness of wireless channels. Cognitive radio networking (CRN) is a recently emerged wireless technology that is having numerous security challenges because of its unlicensed access of wireless channels. In CRNs, the security issues occur mainly during spectrum sensing and is more pronounced during distributed spectrum sensing. In recent past, various anomaly effects are modelled and developed detectors by applying advanced statistical techniques. Nevertheless, many of these detectors have been developed based on sensing data of one variable (energy measurement) and degrades their performance drastically when the data is contaminated with multiple anomaly nodes, that attack the network cooperatively. Hence, one has to develop an efficient multiple anomaly detection algorithm to eliminate all possible cooperative attacks. To achieve this, in this work, the impact of anomaly on detection probability is verified beforehand in developing an efficient algorithm using bivariate data to detect possible attacks with mahalanobis distance measure. Result discloses that detection error of cooperative attacks by anomaly has significant impact on eigenvalue-based sensing.

The center-piece of this work is a software measurement physical unclonable function (PUF). It measures processor chip ALU silicon biometrics in a manner similar to all PUFs. Additionally, it composes the silicon measurement with the data-dependent delay of a particular program instruction in a way that is difficult to decompose through a mathematical model. This approach ensures that each software instruction is measured if computed. The SW-PUF measurements bind the execution of software to a specific processor with a corresponding certificate. This makes the SW-PUF a promising candidate for applications requiring Trusted Computing. For instance, it could measure the integrity of an execution path by generating a signature that is unique to the specific program execution path and the processor chip. We present an area and energy-efficient scheme based on the SW-PUF to provide a more robust root of trust for measurement than the existing trusted platform module (TPM). To explore the feasibility of the proposed design, the SW-PUF has been implemented in HSPICE using 45 nm technology and evaluated on the FPGA platform.