Biblio

Conversational IT services are expected to reduce user wait times and improve overall customer satisfaction. Cloud-based solutions are readily available for enterprise subject matter experts (SMEs) to train user-question classifiers and build conversational services with little effort. However, methodologies that the SMEs can use to improve the response accuracy and conversation quality are merely stated and evaluated. In complex service scenarios such as software support, the scope of topics is typically large and the training samples are often limited. Thus, training the classifier based on labeled samples of plain user utterances is not effective in most cases. In this paper, we identify several methods for improving classification quality and evaluate them in concrete training set scenarios. Particularly, a process-based methodology is described that builds and refines on top of service domain knowledge in order to develop a scalable solution for training accurate conversation services. Enterprises and service providers are continuously seeking new ways to improve customer experience on working with IT systems, where user wait times and service resolution quality are critical business metrics. One of the latest trends is the use of conversational IT services. Customers can interact with a conversational service to express their questions in natural language and the system can automatically return relevant answers or execute back-end processes for automated actions. Various text classification techniques have been developed and applied to understand the user questions and trigger the correct responses. For instance, in the context of IT software support, customers can use conversational systems to get answers about software product errors, licenses, or upgrade processes. While the potential benefits of building conversational services are huge, it is often difficult to effectively train classification models that cover well the scope of realistically complex services. In this paper, we propose a training methodology that addresses the limitations in both the scope of topics and the scarcity of the training set. We further evaluate the proposed methodology in a real service support scenario and share the lessons learned.

In Mobile Ad-hoc Network (MANET), we cannot predict the clear picture of the topology of a node because of its varying nature. Without notice participation and departure of nodes results in lack of trust relationship between nodes. In such circumstances, there is no guarantee that path between two nodes would be secure or free of malicious nodes. The presence of single malicious node could lead repeatedly compromised node. After providing security to route and data packets still, there is a need for the implementation of defense mechanism that is intrusion detection system(IDS) against compromised nodes. In this paper, we have implemented IDS, which defend against some routing attacks like the black hole and gray hole successfully. After measuring performance we get marginally increased Packet delivery ratio and Throughput.

The recognition of intrusions has increased impressive enthusiasm for information mining with the acknowledgment that anomalies can be the key disclosure to be produced using extensive network databases. Intrusions emerge because of different reasons, for example, mechanical deficiencies, changes in framework conduct, fake conduct, human blunder and instrument mistake. Surely, for some applications the revelation of Intrusions prompts more intriguing and helpful outcomes than the disclosure of inliers. Discovery of anomalies can prompt recognizable proof of framework blames with the goal that executives can take preventive measures previously they heighten. A network database framework comprises of a sorted out posting of pages alongside programming to control the network information. This database framework has been intended to empower network operations, oversee accumulations of information, show scientific outcomes and to get to these information utilizing networks. It likewise empowers network clients to gather limitless measure of information on unbounded territories of utilization, break down it and return it into helpful data. Network databases are ordinarily used to help information control utilizing dynamic capacities on sites or for putting away area subordinate data. This database holds a surrogate for each network route. The formation of these surrogates is called ordering and each network database does this errand in an unexpected way. In this paper, a structure for compelling access control and Intrusion Detection using outliers has been proposed and used to give viable Security to network databases. The design of this framework comprises of two noteworthy subsystems to be specific, Access Control Subsystem and Intrusion Detection Subsystem. In this paper preprocessing module is considered which clarifies the preparing of preprocessing the accessible information. And rain forest method is discussed which is used for intrusion detection.

The importance of peer-to-peer (P2P) network overlays produced enormous interest in the research community due to their robustness, scalability, and increase of data availability. P2P networks are overlays of logically connected hosts and other nodes including servers. P2P networks allow users to share their files without the need for any centralized servers. Since P2P networks are largely constructed of end-hosts, they are susceptible to abuse and malicious activity, such as sybil attacks. Impostors perform sybil attacks by assigning nodes multiple addresses, as opposed to a single address, with the goal of degrading network quality. Sybil nodes will spread malicious data and provide bogus responses to requests. To prevent sybil attacks from occurring, a novel defense mechanism is proposed. In the proposed scheme, the DHT key-space is divided and treated in a similar manner to radio frequency allocation incensing. An overlay of trusted nodes is used to detect and handle sybil nodes with the aid of source-destination pairs reporting on each other. The simulation results show that the proposed scheme detects sybil nodes in large sized networks with thousands of interactions.

Cognitive Radio (CR) has garnered much attention in the last decade, while the security issues are not fully studied yet. Existing research on attacks and defenses in CR - based networks focuses mostly on individual network layers, whereas cross-layer attacks remain fortified against single-layer defenses. In this paper, we shed light on a new vulnerability in cross-layer routing protocols and demonstrate how a perpetrator can exploit this vulnerability to manipulate traffic flow around it. We propose this cross-layer attack in CR-based wireless mesh networks (CR-WMNs), which we call off-sensing and route manipulation (OS-RM) attack. In this cross-layer assault, off-sensing attack is launched at the lower layers as the point of attack but the final intention is to manipulate traffic flow around the perpetrator. We also introduce a learning strategy for a perpetrator, so that it can gather information from the collaboration with other network entities and capitalize this information into knowledge to accelerate its malice intentions. Simulation results show that this attack is far more detrimental than what we have experienced in the past and need to be addressed before commercialization of CR-based networks.

The behavior of modern power systems is becoming more stochastic and dynamic, due to the increased penetration of variable generation, demand response, new power market structure, extreme weather conditions, contingencies, and unexpected events. It is critically important to predict potential system operational issues so that grid planners and operators can take preventive actions to mitigate the impact, e.g., lack of operational reserves. In this paper, an innovative software tool is presented to assist power grid operators in a balancing authority in predicting the grid stress level over the next operating day. It periodically collects necessary information from public domain such as weather forecasts, electricity demand, and automatically estimates the stress levels on a daily basis. Advanced Neural Network and regression tree algorithms are developed as the prediction engines to achieve this goal. The tool has been tested on a few key balancing authorities and successfully predicted the growing system peak load and increased stress levels under extreme heat waves.

Application whitelisting software allows only examined and trusted applications to run on user's machine. Since many malicious files don't require administrative privileges in order for them to be executed, whitelisting can be the only way to block the execution of unauthorized applications in enterprise environment and thus prevent infection or data breach. In order to assess the current state of such solutions, the access to three whitelisting solution licenses was obtained with the purpose to test their effectiveness against different modern types of ransomware found in the wild. To conduct this study a virtual environment was used with Windows Server and Enterprise editions installed. The objective of this paper is not to evaluate each vendor or make recommendations of purchasing specific software but rather to assess the ability of application control solutions to block execution of ransomware files, as well as assess the potential for future research. The results of the research show the promise and effectiveness of whitelisting solutions.

Software agents represent an assured computing paradigm that tends to emerge to be an elegant technology to solve present day problems. The eminent Scientific Community has proved us with the usage or implementation of software agent's usage approach that simplifies the proposed solution in various types to solve the traditional computing problems arise. The proof of the same is implemented in several applications that exist based on this area of technology where the software agents have maximum benefits but on the same hand absence of the suitable security mechanisms that endures for systems that are based on representation of barriers exists in the paradigm with respect to present day industry. As the application proposing present security mechanisms is not a trivial one as the agent based system builders or developers who are not often security experts as they subsequently do not count on the area of expertise. This paper presents a novel approach for protecting the infrastructure for solving the issues considered to be malicious host in mobile agent system by implementing a secure protocol to migrate agents from host to host relying in various elements based on the enhanced Trusted Platforms Modules (TPM) for processing data. We use enhanced extension to the Java Agent Development framework (JADE) in our proposed system and a migrating protocol is used to validate the proposed framework (AVASPA).

In current, RFID (Radio Frequency Identification) Middleware is widely used in nearly all RFID applications, and provides service for raw data capturing, security data reading/writing as well as sensors controlling. However, as the existing Middlewares were organized with rigorous data comparison and data encryption, it is seriously affecting the usefulness and execution efficiency. Thus, in order to improve the utilization rate of effective data, increase the reading/writing speed as well as preserving the security of RFID, this paper proposed a PSO (Particle swarm optimization) clustering scheme to accelerate the procedure of data operation. Then with the help of PSO cluster, the RFID Middleware can provide better service for both data security and data availability. At last, a comparative experiment is proposed, which is used to further verify the advantage of our proposed scheme.

This paper introduces a new methodology to generate additional hardware security in commercial off-the-shelf (COTS) system-on-a-chip (SoC) integrated circuits (ICs) that have already been fabricated and packaged. On-chip analog hardware blocks such as analog to digital converters (ADCs), digital to analog converters (DACs) and comparators residing within an SoC are repurposed and connected to one another to generate unique physically unclonable function (PUF) responses. The PUF responses are digitized and processed on-chip to create keys for use in encryption and device authentication activities. Key generation and processing algorithms are presented that minimize the effects of voltage and temperature fluctuations to maximize the repeatability of a key within a device. Experimental results utilizing multiple on-chip analog blocks inside a common COTS microcontroller show reliable key generation with minimal overhead.

The use of technology is increasing nowadays. On the other hand, most governments and legal offices still do not use technology to implement simple things such as signing a document because they still rely on face-to-face to ensure the authenticity of the signatory. Several challenges may come while signing documents online such as, how to authenticate the signing parties and how to ensure that signing parties will not deny their signatures in future? These challenges are addressed by SecureSign system that attach the signatories' identity with their fingerprints. SecureSign was implemented in C\# and Microsoft SQL Server Management Studio, with integrating fingerprint reader and electronic signature tablet. The SecureSign system achieves the main security goals which are confidentiality, authentication, non-repudiation and integrity. It will have an impact on society and business environments positively as it will reduce fraud and forgery, and help in controlling the process of signing either in contracts or confidential papers. SecureSign have Successfully achieved confidentiality by encrypting data using AES algorithm, authentication by using user fingerprint, nonrepudiation by associating the user ID with his fingerprint, and integrity by embedding QR barcode within the document and hashing its content.

Implementation of self-healing control system in smart grid is a persisting challenge. Self-Healing control strategy is the important guarantee to implement the smart grid. In addition, it is the support of achieving the secure operation, improving the reliability and security of distribution grid, and realizing the smart distribution grid. Although self-healing control system concept is presented in smart grid context, but the complexity of distribution network structure recommended to choose advanced control and protection system using a self-healing, this system must be able to heal any disturbance in the distribution system of smart grid to improve efficiency, resiliency, continuity, and reliability of the smart grid. This review focuses mostly on the key technology of self-healing control, gives an insight into the role of self-healing in distribution system advantages, study challenges and opportunities in the prospect of utilities. The main contribution of this paper is demonstrating proposed architecture, control strategy for self-healing control system includes fault detection, fault localization, faulted area isolation, and power restoration in the electrical distribution system.

Internet of Things is attracting a lot of interest in the modern world and has become a part of daily life leading to a large scale of distribution of Low power and Lossy Networks (LLN). For such networks constrained by low power and storage, IETF has proposed RPL an open standard routing protocol. However RPL protocol is exposed to a number of attacks which may degrade the performance and resources of the network leading to incorrect output. In this paper, to address Wormhole and Grayhole attack we propose a light weight Trust based mechanism. The proposed method uses direct trust which is computed based on node properties and Indirect Trust which is based on opinion of the neighboring nodes. The proposed method is energy friendly and does not impose excessive overhead on network traffic.

Link quality, trust management and energy efficiency are considered as main factors that affect the performance and lifetime of Mobile CrowdSensing (MCS). Routing packets toward the sink node can be a daunting task if aforementioned factors are considered. Correspondingly, routing packets by considering only shortest path or residual energy lead to suboptimal data forwarding. To this end, we propose a Fuzzy logic based Routing (FR) solution that incorporates social behaviour of human beings, link quality, and node quality to make the optimal routing decision. FR leverages friendship mechanism for trust management, Signal to Noise Ratio (SNR) to assure good link quality node selection, and residual energy for long lasting sensor lifetime. Extensive simulations show that the FR solution outperforms the existing approaches in terms of network lifetime and packet delivery ratio.

Cyber physical systems are the key innovation driver for many domains such as automotive, avionics, industrial process control, and factory automation. However, their interconnection potentially provides adversaries easy access to sensitive data, code, and configurations. If attackers gain control, material damage or even harm to people must be expected. To counteract data theft, system manipulation and cyber-attacks, security mechanisms must be embedded in the cyber physical system. Adding hardware security in the form of the standardized Trusted Platform Module (TPM) is a promising approach. At the same time, traditional dependability features such as safety, availability, and reliability have to be maintained. To determine the right balance between security and dependability it is essential to understand their interferences. This paper supports developers in identifying the implications of using TPMs on the dependability of their system.We highlight potential consequences of adding TPMs to cyber-physical systems by considering the resulting safety, reliability, and availability. Furthermore, we discuss the potential of enhancing the dependability of TPM services by applying traditional redundancy techniques.

Numerous IoT applications, like building automation or process control of industrial sites, exist today. These applications inherently have a strong connection to the physical world. Hence, IT security threats cannot only cause problems like data leaks but also safety issues which might harm people. Attacks on IT systems are not only performed by outside attackers but also insiders like administrators. For this reason, we present ongoing work on a Byzantine fault tolerant configuration management system (CMS) that provides control over administrators, restrains their rights, and enforces separation of concerns. We reach this goal by conducting a configuration management process that requires multi-party authorization for critical configurations to prevent individual malicious administrators from performing undesired actions. Only after a configuration has been authorized by multiple experts, it is applied to the targeted devices. For the whole configuration management process, our CMS guarantees accountability and traceability. Lastly, our system is tamper-resistant as we leverage Hyperledger Fabric, which provides a distributed execution environment for our CMS and a blockchain-based distributed ledger that we use to store the configurations. A beneficial side effect of this approach is that our CMS is also suitable to manage configurations for infrastructure shared across different organizations that do not need to trust each other.

In this paper, security of networked control system (NCS) under denial of service (DoS) attack is considered. Different from the existing literatures from the perspective of control systems, this paper considers a novel method of dynamic allocation of network bandwidth for NCS under DoS attack. Firstly, time-constrained DoS attack and its impact on the communication channel of NCS are introduced. Secondly, details for the proposed dynamic bandwidth allocation structure are presented along with an implementation, which is a bandwidth allocation strategy based on error between current state and equilibrium state and available bandwidth. Finally, a numerical example is given to demonstrate the effectiveness of the proposed bandwidth allocation approach.

This paper presents the development and configuration of a virtually air-gapped cloud environment in AWS, to secure the production software workloads and patient data (ePHI) and to achieve HIPAA compliance.

With the tighter integration of power system and Information and Communication Technology (ICT), power grid is becoming a typical cyber physical system (CPS). It is important to analyze the impact of the cyber event on power system, so that it is necessary to build a co-simulation system for studying the interaction between power system and ICT. In this paper, a cyber physical power system (CPPS) co-simulation platform is proposed, which includes the hardware-in-the-loop (HIL) simulation function. By using flexible interface, various simulation software for power system and ICT can be interconnected into the platform to build co-simulation tools for various simulation purposes. To demonstrate it as a proof, one simulation framework for real life cyber-attack on power system control is introduced. In this case, the real life denial-of-service attack on a router in automatic voltage control (AVC) is simulated to demonstrate impact of cyber-attack on power system.

Millions of small Unmanned Aircraft System (sUAS) aircraft of various shapes and capabilities will soon fly at low altitudes in urban environments for ambitious applications. It is critical to ensure these remotely piloted aircraft fly safely, predictably, and efficiently in this challenging airspace, without endangering themselves and other occupants sharing that airspace or in proximity. Concepts, technologies, processes, and policies to solve this hard problem of UAS Traffic Management (UTM) are being explored. But, cyber security considerations are largely missing. This paper bridges this gap and addresses UTM cyber security needs and issues. It contributes a comprehensive framework to understand, identify, classify, and assess security threats to UTM, including those resulting from sUAS vulnerabilities. Promising threat mitigations, major challenges, and research directions are discussed to secure UTM.

Cyber-physical systems (CPS) research leverages the expertise of researchers from multiple domains to engineer complex systems of interacting physical and computational components. An approach called co-simulation is often used in CPS conceptual design to integrate the specialized tools and simulators from each of these domains into a joint simulation for the evaluation of design decisions. Many co-simulation platforms are being developed to expedite CPS conceptualization and realization, but most use intrusive modeling and communication libraries that require researchers to either abandon their existing models or spend considerable effort to integrate them into the platform. A significant number of these co-simulation platforms use the High Level Architecture (HLA) standard that provides a rich set of services to facilitate distributed simulation. This paper introduces a simple gateway that can be readily implemented without co-simulation expertise to adapt existing models and research infrastructure for use in HLA. An open-source implementation of the gateway has been developed for the National Institute of Standards and Technology (NIST) co-simulation platform called the Universal CPS Environment for Federation (UCEF).

Cyber-Physical Systems (CPS) have been increasingly subject to cyber-attacks including code injection attacks. Zero day attacks further exasperate the threat landscape by requiring a shift to defense in depth approaches. With the tightly coupled nature of cyber components with the physical domain, these attacks have the potential to cause significant damage if safety-critical applications such as automobiles are compromised. Moving target defense techniques such as instruction set randomization (ISR) have been commonly proposed to address these types of attacks. However, under current implementations an attack can result in system crashing which is unacceptable in CPS. As such, CPS necessitate proper control reconfiguration mechanisms to prevent a loss of availability in system operation. This paper addresses the problem of maintaining system and security properties of a CPS under attack by integrating ISR, detection, and recovery capabilities that ensure safe, reliable, and predictable system operation. Specifically, we consider the problem of detecting code injection attacks and reconfiguring the controller in real-time. The developed framework is demonstrated with an autonomous vehicle case study.

We consider the scenario where a cloud service provider (CSP) operates multiple geo-distributed datacenters to provide Internet-scale service. Our objective is to minimize the total electricity and bandwidth cost by jointly optimizing electricity procurement from wholesale markets and geographical load balancing (GLB), i.e., dynamically routing workloads to locations with cheaper electricity. Under the ideal setting where exact values of market prices and workloads are given, this problem reduces to a simple linear programming and is easy to solve. However, under the realistic setting where only distributions of these variables are available, the problem unfolds into a non-convex infinite-dimensional one and is challenging to solve. One of our main contributions is to develop an algorithm that is proven to solve the challenging problem optimally, by exploring the full design space of strategic bidding. Trace-driven evaluations corroborate our theoretical results, demonstrate fast convergence of our algorithm, and show that it can reduce the cost for the CSP by up to 20% as compared with baseline alternatives. This paper highlights the intriguing role of uncertainty in workloads and market prices, measured by their variances. While uncertainty in workloads deteriorates the cost-saving performance of joint electricity procurement and GLB, counter-intuitively, uncertainty in market prices can be exploited to achieve a cost reduction even larger than the setting without price uncertainty.

To prevent users' privacy from leakage, more and more mobile devices employ biometric-based authentication approaches, such as fingerprint, face recognition, voiceprint authentications, etc., to enhance the privacy protection. However, these approaches are vulnerable to replay attacks. Although state-of-art solutions utilize liveness verification to combat the attacks, existing approaches are sensitive to ambient environments, such as ambient lights and surrounding audible noises. Towards this end, we explore liveness verification of user authentication leveraging users' lip movements, which are robust to noisy environments. In this paper, we propose a lip reading-based user authentication system, LipPass, which extracts unique behavioral characteristics of users' speaking lips leveraging build-in audio devices on smartphones for user authentication. We first investigate Doppler profiles of acoustic signals caused by users' speaking lips, and find that there are unique lip movement patterns for different individuals. To characterize the lip movements, we propose a deep learning-based method to extract efficient features from Doppler profiles, and employ Support Vector Machine and Support Vector Domain Description to construct binary classifiers and spoofer detectors for user identification and spoofer detection, respectively. Afterwards, we develop a binary tree-based authentication approach to accurately identify each individual leveraging these binary classifiers and spoofer detectors with respect to registered users. Through extensive experiments involving 48 volunteers in four real environments, LipPass can achieve 90.21% accuracy in user identification and 93.1% accuracy in spoofer detection.

Human computer operations such as writing documents and playing games have become popular in our daily lives. These activities (especially if identified in a non-intrusive manner) can be used to facilitate context-aware services. In this paper, we propose to recognize human computer operations through keystroke sensing with a smartphone. Specifically, we first utilize the microphone embedded in a smartphone to sense the input audio from a computer keyboard. We then identify keystrokes using fingerprint identification techniques. The determined keystrokes are then corrected with a word recognition procedure, which utilizes the relations of adjacent letters in a word. Finally, by fusing both semantic and acoustic features, a classification model is constructed to recognize four typical human computer operations: 1) chatting; 2) coding; 3) writing documents; and 4) playing games. We recruited 15 volunteers to complete these operations, and evaluated the proposed approach from multiple aspects in realistic environments. Experimental results validated the effectiveness of our approach.