Biblio

Shipboard marine radar systems are essential for safe navigation, helping seafarers perceive their surroundings as they provide bearing and range estimations, object detection, and tracking. Since onboard systems have become increasingly digitized, interconnecting distributed electronics, radars have been integrated into modern bridge systems. But digitization increases the risk of cyberattacks, especially as vessels cannot be considered air-gapped. Consequently, in-depth security is crucial. However, particularly radar systems are not sufficiently protected against harmful network-level adversaries. Therefore, we ask: Can seafarers believe their eyes? In this paper, we identify possible attacks on radar communication and discuss how these threaten safe vessel operation in an attack taxonomy. Furthermore, we develop a holistic simulation environment with radar, complementary nautical sensors, and prototypically implemented cyberattacks from our taxonomy. Finally, leveraging this environment, we create a comprehensive dataset (RadarPWN) with radar network attacks that provides a foundation for future security research to secure marine radar communication.

Anomalous behaviour in subsystems of complex machines often affect overall performance even without failures. We devise unsupervised methods to detect times with degraded performance, and localize correlated signals, evaluated on a system with over 4000 monitored signals. From incidents comprising both downtimes and degraded performance, our approach localizes relevant signals within 1.2% of the parameter space.

This paper investigates the robustness of the received signal strength (RSS)-based physical layer authentication (PLA) for wireless mesh networks, through experimental results. Specifically, we develop a secure wireless mesh networking framework and apply the RSS-based PLA scheme, with the aim to perform continuous authentication. The mesh setup comprises three Raspberry-PI4 computing nodes (acting as Alice, Bob, and Eve) and a server. The server role is to perform the initial authentication when a new node joins the mesh network. After that, the legitimate nodes in the mesh network perform continuous authentication, by leveraging the RSS feature of wireless signals. In particular, Bob tries to authenticate Alice in the presence of Eve. The performance of the presented framework is quantified through extensive experimental results in an outdoor environment, where various nodes' positions, relative distances, and pedestrian speeds scenarios are considered. The obtained results demonstrate the robustness of the underlying model, where an authentication rate of 99% for the static case can be achieved. Meanwhile, at the pedestrian speed, the authentication rate can drop to 85%. On the other hand, the detection rate improves when the distance between the legitimate and wiretap links is large (exceeds 20 meters) or when Alice and Eve are moving in different mobility patterns.

Embedded systems involve an integration of a large number of intellectual property (IP) blocks to shorten chip's time to market, in which, many IPs are acquired from the untrusted third-party suppliers. However, existing IP trust verification techniques cannot provide an adequate security assurance that no hardware Trojan was implanted inside the untrusted IPs. Hardware Trojans in untrusted IPs may cause processor program execution failures by tampering instruction code and return address. Therefore, this paper presents a secure RISC-V embedded system by integrating a Security Monitoring Unit (SMU), in which, instruction integrity monitoring by the fine-grained program basic blocks and function return address monitoring by the shadow stack are implemented, respectively. The hardware-assisted SMU is tested and validated that while CPU executes a CoreMark program, the SMU does not incur significant performance overhead on providing instruction security monitoring. And the proposed RISC-V embedded system satisfies good balance between performance overhead and resource consumption.

Cybersecurity for complex systems operating in cyber-physical environment is becoming more and more critical because of the increasing cyber threats and systems' vulnerabilities. Security by design is quite an important method to ensure the systems' normal operations and services supply. For the aim of coping with cyber-attack affections properly, this paper studies the resilient security control issue for time-varying delay systems in cyber-physical environment with state estimation and moving defense approach. Time-varying delay factor induced by communication and network transmission, or data acquisition and processing, or certain cyber-attacks, is considered. To settle the cyber-attacks from the perspective of system control, a dynamic system model considering attacks is presented, and the corresponding switched control model with time-varying delay against attacks is formulated. Then the state estimator for system states is designed to overcome the problem that certain states cannot be measured directly. Estimated states serve as the input of the resilient security controller. Sufficient conditions of the stability of the observer and control system are derived out with the Lyapunov stability analysis method jointly. A moving defense strategy based on anomaly detection and random switching is presented, in which an optimization problem for calculating the proper switching probability of each candidate actuator-controller pair is given. Simulation experimental results are shown to illustrate the effectiveness of the presented scheme.

In this paper, the reader’s attention is directed to the problem of inefficiency of the add-on information security tools, that are installed in operating systems, including virtualization systems. The paper shows the disadvantages, that significantly affect the maintenance of an adequate level of security in the operating system. The results allowing to control all areas hierarchical of protection of the specialized operating system are presented.

In the context of IoT (Internet of Things), Device Management (DM), i.e., remote administration of IoT devices, becomes essential to keep them connected, updated and secure, thus increasing their lifespan through firmware and configuration updates and security patches. Legacy DM solutions are adequate when dealing with home devices (such as Television set-top boxes) but need to be extended to adapt to new IoT requirements. Indeed, their manual operation by system administrators requires advanced knowledge and skills. Further, the static DM platform — a component above IoT platforms that offers advanced features such as campaign updates / massive operation management — is unable to scale and adapt to IoT dynamicity. To cope with this, this work, performed in an industrial context at Orange, proposes a self-adaptive architecture with runtime horizontal scaling of DM servers, with an autonomic Auto-Scaling Manager, integrating in the loop constraint programming for decision-making, validated with a meaningful industrial use-case.

Unmanned autonomous vehicles (UAVs) have been receiving high interest lately due to their wide range of potential deployment options that can touch all aspects of our life and economy, such as transportation, delivery, healthcare, surveillance. However, UAVs have also introduced many new vulnerabilities and attack surfaces that can be exploited by cyberattacks. Due to their complexity, autonomous operations, and being relatively new technologies, cyberattacks can be persistent, complex, and can propagate rapidly to severely impact the main UAV functions such as mission management, support, processing operations, maneuver operations, situation awareness. Furthermore, such cyberattacks can also propagate among other UAVs or even their control stations and may even endanger human life. Hence, we need self-protection techniques with an autonomic management approach. In this paper we present our approach to implement self-protection of UAVs (SP-UAV) such that they can continue their critical functions despite cyberattacks targeting UAV operations or services. We present our design approach and implementation using a unified management interface based on three ports: Configuration, observer, and control ports. We have implemented the SP-UAV using C and demonstrated using different attack scenarios how we can apply autonomic responses without human involvement to tolerate cyberattacks against the UAV operations.

Early detection of conflict potentials around the community is vital for the Central Java Regional Police Department, especially in the Analyst section of the Directorate of Security Intelligence. Performance in carrying out early detection will affect the peace and security of the community. The performance of potential conflict detection activities can be improved using an integrated early detection information system by shortening the time after observation, report preparation, information processing, and analysis. Developed using Unified Process as a software life cycle, the obtained result shows the time-based performance variables of the officers are significantly improved, including observation time, report production, data finding, and document formatting.

The service mesh is a dedicated infrastructure layer in a microservice architecture. It manages service-to-service communication within an application between decoupled or loosely coupled microservices (called services) without modifying their implementations. The service mesh includes APIs for security, traffic and policy management, and observability features. These features are enabled using a pre-defined configuration, which can be changed at runtime with human intervention. However, it has no autonomy to self-manage changes to the microservice application’s operational environment. A better configuration is one that can be customized according to environmental conditions during execution to protect the application from potential threats. This customization requires enabling self-protection mechanisms within the service mesh that evaluate the risk of environmental condition changes and enable appropriate configurations to defend the application from impending threats. In this paper, we design an assessment component into a service mesh that includes a security assurance case to define the threat model and dynamically assess the application given environment changes. We experiment with a demo application, Bookinfo, using an open-source service mesh platform, Istio, to enable self-protection. We consider certain parameters extracted from the service request as environmental conditions. We evaluate those parameters against the threat model and determine the risk of violating a security requirement for controlled and authorized information flow.

Machine Learning (ML) models are now commonly used as components in systems. As any other component, ML components can produce erroneous outputs that may penalize system utility. In this context, self-adaptive systems emerge as a natural approach to cope with ML mispredictions, through the execution of adaptation tactics such as model retraining. To synthesize an adaptation strategy, the self-adaptation manager needs to reason about the cost-benefit tradeoffs of the applicable tactics, which is a non-trivial task for tactics such as model retraining, whose benefits are both context- and data-dependent.To address this challenge, this paper proposes a probabilistic modeling framework that supports automated reasoning about the cost/benefit tradeoffs associated with improving ML components of ML-based systems. The key idea of the proposed approach is to decouple the problems of (i) estimating the expected performance improvement after retrain and (ii) estimating the impact of ML improved predictions on overall system utility.We demonstrate the application of the proposed framework by using it to self-adapt a state-of-the-art ML-based fraud-detection system, which we evaluate using a publicly-available, real fraud detection dataset. We show that by predicting system utility stemming from retraining a ML component, the probabilistic model checker can generate adaptation strategies that are significantly closer to the optimal, as compared against baselines such as periodic retraining, or reactive retraining.

Resilience and antifragility under duress present significant challenges for autonomic and self-adaptive systems operating in contested environments. In such settings, the system has to continually plan ahead, accounting for either an adversary or an environment that may negate its actions or degrade its capabilities. This will involve projecting future states, as well as assessing recovery options, counter-measures, and progress towards system goals. For antifragile systems to be effective, we envision three self-* properties to be of key importance: self-exploration, self-learning and self-training. Systems should be able to efficiently self-explore – using adversarial search – the potential impact of the adversary’s attacks and compute the most resilient responses. The exploration can be assisted by prior knowledge of the adversary’s capabilities and attack strategies, which can be self-learned – using opponent modelling – from previous attacks and interactions. The system can self-train – using reinforcement learning – such that it evolves and improves itself as a result of being attacked. This paper discusses those visions and outlines their realisation in AWaRE, a cyber-resilient and self-adaptive multi-agent system.

Although 6LoWPAN has brought about a revolutionary leap in networking for Low-power Lossy Networks, challenges still exist, including security concerns that are yet to answer. The most common type of attack on 6LoWPANs is the network layer, especially routing attacks, since the very members of a 6LoWPAN network have to carry out packet forwarding for the whole network. According to the initial purpose of IoT, these nodes are expected to be resource-deficient electronic devices with an utterly stochastic time pattern of attachment or detachment from a network. This issue makes preserving their authenticity or identifying their malignity hard, if not impossible. Since 6LoWPAN is a successor and a hybrid of previously developed wireless technologies, it is inherently prone to cyber-attacks shared with its predecessors, especially Wireless Sensor Networks (WSNs) and WPANs. On the other hand, multiple attacks have been uniquely developed for 6LoWPANs due to the unique design of the network layer protocol of 6LoWPANs known as RPL. While there exist publications about attacks on 6LoWPANs, a comprehensive survey exclusively on RPL-specific attacks is felt missing to bold the discrimination between the RPL-specific and non-specific attacks. Hence, the urge behind this paper is to gather all known attacks unique to RPL in a single volume.

Due to the widespread use of the Internet of Things (IoT) in recent years, the need for IoT technologies to handle communications with the rest of the globe has grown dramatically. Wireless sensor networks (WSNs) play a vital role in the operation of the IoT. The creation of Internet of Things operating systems (OS), which can handle the newly constructed IoT hardware, as well as new protocols and procedures for all communication levels, all of which are now in development, will pave the way for the future. When compared to other devices, these gadgets require a comparatively little amount of electricity, memory, and other resources. This has caused the scientific community to become more aware of the relevance of IoT device operating systems as a result of their findings. These devices may be made more versatile and powerful by including an operating system that contains real-time capabilities, kernel, networking, and other features, among other things. IEEE 802.15.4 networks are linked together using IPv6, which has a wide address space and so enables more devices to connect to the internet using the 6LoWPAN protocol. It is necessary to address some privacy and security issues that have arisen as a result of the widespread use of the Internet, notwithstanding the great benefits that have resulted. For the Internet of Things operating systems, this research has provided a network security architecture that ensures secure communication by utilizing the Cooja network simulator in combination with the Contiki operating system and demonstrate and explained how the nodes can protect from the network layer and physical layer attacks. Also, this research has depicted the energy consumption results of each designated node type during the authentication and communication process. Finally, proposed a few further improvements for the architecture which will enhance the network layer protection.

This paper builds an Augmented Reality Sandbox (AR Sandbox) system based on augmented reality technology, and performs a 3D reconstruction for the sandbox terrain using the depth sensor Microsoft Kinect in the AR Sandbox, as an entry point to pave the way for later development of related metaverse applications, such as the metaverse architecting and visual interactive modeling. The innovation of this paper is that for the AR Sandbox scene, a 3D reconstruction method based on depth sensor is proposed, which can automatically cut off the edge of the sandbox table in Kinect field of view, and accurately and completely reconstruct the sandbox terrain in Matlab.

Payment channel hubs (PCHs) constitute a promising solution to the inherent scalability problem of blockchain technologies, allowing for off-chain payments between sender and receiver through an intermediary, called the tumbler. While state-of-the-art PCHs provide security and privacy guarantees against a malicious tumbler, they do so by relying on the scripting-based functionality available only at few cryptocurrencies, and they thus fall short of fundamental properties such as backwards compatibility and efficiency.In this work, we present the first PCH protocol to achieve all aforementioned properties. Our PCH builds upon A2L, a novel cryptographic primitive that realizes a three-party protocol for conditional transactions, where the tumbler pays the receiver only if the latter solves a cryptographic challenge with the help of the sender, which implies the sender has paid the tumbler. We prove the security and privacy guarantees of A2L (which carry over to our PCH construction) in the Universal Composability framework and present a provably secure instantiation based on adaptor signatures and randomizable puzzles. We implemented A2L and compared it to TumbleBit, the state-of-the-art Bitcoin-compatible PCH. Asymptotically, A2L has a communication complexity that is constant, as opposed to linear in the security parameter like in TumbleBit. In practice, A2L requires 33x less bandwidth than TumleBit, while retaining the computational cost (or providing 2x speedup with a preprocessing technique). This demonstrates that A2L (and thus our PCH construction) is ready to be deployed today.In theory, we demonstrate for the first time that it is possible to design a secure and privacy-preserving PCH while requiring only digital signatures and timelock functionality from the underlying scripting language. In practice, this result makes our PCH backwards compatible with virtually all cryptocurrencies available today, even those offering a highly restricted form of scripting language such as Ripple or Stellar. The practical appealing of our construction has resulted in a proof-of-concept implementation in the COMIT Network, a blockchain technology focused on cross-currency payments.

The paper considers the issue of increasing the level of trust to the user of the information system by applying profiling actions. The authors have developed the model of user behavior, which allows to identify the user by his actions in the operating system. The model uses a user's characteristic metric instead of binary identification. The user's characteristic demonstrates the degree to which the current actions of the user corresponding to the user's behavior model. To calculate the user's characteristic, several formulas have been proposed. The authors propose to implement the developed behavior model into the access control model. For this purpose, the authors create the prototype of the user action profiling system for Windows family operating systems. This system should control access to protected resources by analyzing user behavior. The authors performed a series of tests with this system. This allowed to evaluate the accuracy of the system based on the proposed behavior model. Test results showed the type I errors. Therefore, the authors invented and described a polymodel approach to profiling actions. Potentially, the polymodel approach should solve the problem of the accuracy of the user action profiling system.

To ensure comprehensive information protection, it is necessary to use various means of information protection, distributed by levels and segments of the information system. This creates a contradiction, which consists in the presence of many different means of information protection and the inability to ensure their joint coordinated application in ensuring the protection of information due to the lack of an automated control system. One of the tasks that contribute to the solution of this problem is the task of generating a feasible organizational structure and the structure of such an automated control system, the results of which would provide these options and choose the one that is optimal under given initial parameters and limitations. The problem is solved by reducing the General task with particular splitting the original graph of the automated cyber defense control system into subgraphs. As a result, the organizational composition and the automated cyber defense management system structures will provide a set of acceptable variants, on the basis of which the optimal choice is made under the given initial parameters and restrictions. As a result, admissible variants for the formation technique of organizational structure and structure by the automated control system of cyber defense is received.

Cloud computing is a technology that provides users with a large storage space and an enormous computing power. For privacy purpose, the sensitive data should be encrypted before being outsourced to the cloud. To search over the outsourced data, searchable encryption (SE) schemes have been proposed in the literature. An SE scheme should perform searches over encrypted data without causing any sensitive information leakage. To this end, a few security constraints were elaborated to guarantee the security of the SE schemes, namely, the keyword privacy, the trapdoor unlinkability, and the access pattern. The latter is very hard to be respected and most approaches fail to guarantee the access pattern constraint when performing a search. This constraint consists in hiding from the server the search result returned to the user. The non respect of this constraint may cause sensitive information leakage as demonstrated in the literature. To fix this security lack, we propose a method that allows to securely request and receive the needed documents from the server after performing a search. The proposed method that we call the access pattern hiding (APH) technique allows to respect the access pattern constraint. An experimental study is conducted to validate the APH technique.

The transportation sector is undergoing rapid changes to reduce pollution and increase life quality in urban areas. One of the most effective approaches is flexible car rental and sharing to reduce traffic congestion and parking space issues. In this paper, we envision a flexible car sharing framework where vehicle owners want to make their vehicles available for flexible rental to other users. The owners delegate the management of their vehicles to intermediate services under certain policies, such as municipalities or authorized services, which manage the due infrastructure and services that can be accessed by users. We investigate the design of an accountable solution that allow vehicles owners, who want to share their vehicles securely under certain usage policies, to control that delegated services and users comply with the policies. While monitoring users behavior, our approach also takes care of users privacy, preventing tracking or profiling procedures by other parties. Existing approaches put high trust assumptions on users and third parties, do not consider users' privacy requirements, or have limitations in terms of flexibility or applicability. We propose an accountable protocol that extends standard delegated authorizations and integrate it with Security Credential Management Systems (SCMS), while considering the requirements and constraints of vehicular networks. We show that the proposed approach represents a practical approach to guarantee accountability in realistic scenarios with acceptable overhead.

Steganography is one of the techniques for secure transformation of data which aims at hiding information inside other media in such a way that no one will notice. The cover media that can accommodate secret information include text, audio, image, and video. Images are the most popular covering media in steganography, due to the fact that, they are heavily used in daily applications and have high redundancy in representation. In this paper, we propose an adaptive steganography algorithm for hiding information in RGB images. To minimize visual perceptible distortion, the proposed algorithm uses edge pixels for embedding data. It detects the edge pixels in the image using the Sobel filter. Then, the message is embedded into the LSBs of the blue channel of the edge pixels. To resist statistical attacks, the distribution of the blue channel of the edge pixels is used when embedding data in the cover image. The experimental results showed that the algorithm offers high capacity for hiding data in cover images; it does not distort the quality of the stego image; it is robust enough against statistical attacks; and its execution time is short enough for online data transfer. Also, the results showed that the proposed algorithm outperforms similar approaches in all evaluation metrics.

Middleware for IoT (Internet of Things) helps application developers face challenges, such as device heterogeneity, service interoperability, security and scalability. While extensively adopted nowadays, IoT middleware systems are static because, after deployment, updates are only possible by stopping the thing. Therefore, adaptive capabilities can improve existing solutions by allowing their dynamic adaptation to changes in the environmental conditions, evolve provided functionalities, or fix bugs. This paper presents AMoT, an adaptive publish/subscribe middleware for IoT whose design and implementation adopt software architecture principles and evolutive adaptation mechanisms. The experimental evaluation of AMoT helps to measure the impact of the proposed adaptation mechanisms while also comparing the performance of AMoT with a widely adopted MQTT (Message Queuing Telemetry Transport) based middleware. In the end, adaptation has an acceptable performance cost and the advantage of tunning the middleware functionality at runtime.

This paper develops an adaptive neural network (NN) asymptotic tracking control scheme for nonstrict-feedback switched nonlinear systems with unknown nonlinearities. The NNs are used to dispose the unknown nonlinearities. Different from the published results, the asymptotic convergence character is achieved based on the bound estimation method. By combining some smooth functions with the adaptive backstepping scheme, the asymptotic tracking control strategy is presented. It is proved that the fabricated scheme can guarantee that the system output can asymptotically follow the desired signal, and also that all signals of the entire system are bounded. The validity of the devised scheme is evaluated by a simulation example.

Digital watermarking is the multimedia leading security protection as it permanently escorts the digital content. Image copyright protection is becoming more anxious as the new 5G technology emerged. Protecting images with a robust scheme without distorting them is the main trade-off in digital watermarking. In this paper, a watermarking scheme based on discrete cosine transform (DCT) and singular value decomposition (SVD) using canny edge detector technique is proposed. A binary encrypted watermark is reshaped into a vector and inserted into the edge detected vector from the diagonal matrix of the SVD of DCT DC and low-frequency coefficients. Watermark insertion is performed by using an edge-tracing mechanism. The scheme is evaluated using the Peak Signal to Noise Ratio (PSNR) and Normalized Correlation (NC). Attained results are competitive when compared to present works in the field. Results show that the PSNR values vary from 51 dB to 55 dB.

Information-Centric Networking (ICN) is among the promising architecture that can drive the need and versatility towards the future generation (xG) needs. In the future, support for network communication relies on the area of telemedicine, autonomous vehicles, and disaster recovery. In the disaster recovery case, there is a high possibility where the communication path is severed. Multicast communication and DTN-friendly route algorithm are becoming suitable options to send a packet message to get a faster response and to see any of the nodes available for service, this approach could give burden to the core network. Also, during disaster cases, many people would like to communicate, receive help, and find family members. Flooding the already disturbed/severed network will further reduce communication performance efficiency even further. Thus, this study takes into consideration prioritization factors to allow networks to process and delivering priority content. For this purpose, the proposed technique introduces the Routable Prefix Identifier (RP-ID) that takes into account the prioritization factor to enable optimization in Delay Tolerant ICN communication.