Biblio

Cloud Computing is a favored choice of any IT organization in the current context since that provides flexibility and pay-per-use service to the users. Moreover, due to its open and inclusive architecture which is accessible to attackers. Security and privacy are a big roadblock to its success. For any IT organization, intrusion detection systems are essential to the detection and endurance of effective detection system against attacker aggressive attacks. To recognize minor occurrences and become significant breaches, a fully managed intrusion detection system is required. The most prevalent approach for intrusion detection on the cloud is the Intrusion Detection System (IDS). This research introduces a cloud-based deep learning-LSTM IDS model and evaluates it to a hybrid Stacked Contractive Auto Encoder (SCAE) + Support Vector Machine (SVM) IDS model. Deep learning algorithms like basic machine learning can be built to conduct attack detection and classification simultaneously. Also examine the detection methodologies used by certain existing intrusion detection systems. On two well-known Intrusion Detection datasets (KDD Cup 99 and NSL-KDD), our strategy outperforms current methods in terms of accurate detection.

The Open Data Cube (ODC), created and facilitated by the Committee on Earth Observation Satellites (CEOS), is an open source software architecture that continues to gain global popularity through the integration of analysis-ready data (ARD) on cloud computing frameworks. In 2021, CEOS released a new ODC sandbox that provides global users with a free and open programming interface connected to Google Earth Engine datasets. The open source toolset allows users to run application algorithms using a Google Colab Python notebook environment. This tool demonstrates rapid creation of science products anywhere in the world without the need to download and process the satellite data. Basic operation of the tool will support many users but can also be scaled in size and scope to support enhanced user needs. The creation of the ODC sandbox was prompted by the migration of many CEOS ARD satellite datasets to the cloud. The combination of these datasets in an interoperable data cube framework will inspire the creation of many new application products and advance open science.

Today we live in a hyper-connected world, where a large amount of applications and services are supported by ad hoc networks. They have a decentralized management, are flexible and versatile but their characteristics are in turn their main weaknesses. This work introduces a preliminary analysis of the evolution, trends and the state of the art in the context of the security in ad hoc networks. To this end, two different methodologies are applied: a bibliometric analysis and a Systematic Literature Review. Results show that security in MANETs and VANETs are still an appealing research field. In addition, we realized that there is no clear separation of solutions by line of defense. This is because they are sometimes misclassified by the authors or simply there is no line of defense that totally fit well with the proposed solution. Because of that, new taxonomies including novel definitions of lines of defense are needed. In this work, we propose the use of tolerant or survivable solutions which are the ones that preserve critical system or network services in presence of fault, malfunctions or attacks.

Generative Adversarial Network (GAN) models have been widely used in various fields. More recently, styleGAN and styleGAN2 have been developed to synthesize faces that are indistinguishable to the human eyes, which could pose a threat to public security. But latest work has shown that it is possible to identify fakes using powerful CNN networks as classifiers. However, the reliability of these techniques is unknown. Therefore, in this paper we focus on the generation of content-preserving images from fake faces to spoof classifiers. Two GAN-based frameworks are proposed to achieve the goal in the white-box and black-box. For the white-box, a network without up/down sampling is proposed to generate face images to confuse the classifier. In the black-box scenario (where the classifier is unknown), real data is introduced as a guidance for GAN structure to make it adversarial, and a Real Extractor as an auxiliary network to constrain the feature distance between the generated images and the real data to enhance the adversarial capability. Experimental results show that the proposed method effectively reduces the detection accuracy of forensic models with good transferability.

Recent advances in natural language generation have introduced powerful language models with high-quality output text. However, this raises concerns about the potential misuse of such models for malicious purposes. In this paper, we study natural language watermarking as a defense to help better mark and trace the provenance of text. We introduce the Adversarial Watermarking Transformer (AWT) with a jointly trained encoder-decoder and adversarial training that, given an input text and a binary message, generates an output text that is unobtrusively encoded with the given message. We further study different training and inference strategies to achieve minimal changes to the semantics and correctness of the input text.AWT is the first end-to-end model to hide data in text by automatically learning -without ground truth- word substitutions along with their locations in order to encode the message. We empirically show that our model is effective in largely preserving text utility and decoding the watermark while hiding its presence against adversaries. Additionally, we demonstrate that our method is robust against a range of attacks.

Unit Commitment (UC) problem is one of the most fundamental constrained optimization problems in the planning and operation of electric power systems and electricity markets. Solving a large-scale UC problem requires a lot of computational effort which can be improved using data driven approaches. In practice, a UC problem is solved multiple times a day with only minor changes in the input data. Hence, this aspect can be exploited by using the historical data to solve the problem. In this paper, an Artificial Intelligence (AI) based approach is proposed to solve a Security Constrained UC problem. The proposed algorithm was tested through simulations on a 4-bus power system and satisfactory results were obtained. The results were compared with those obtained using IBM CPLEX MIQP solver.

The advantage of elliptic curve (EC) cryptographic systems is that they provide equivalent security even with small key lengths. However, the development of modern computing technologies leads to an increase in the length of keys. In this case, it is recommended to use a secret parameter to ensure sufficient access without increasing the key length. To achieve this result, the initiation of an additional secret parameter R into the EC equation is used to develop an EC-based key distribution algorithm. The article describes the algebraic structure of an elliptic curve with a secret parameter.

In the Internet of Things, it is more important than ever to effectively address the problem of secure transmission based on steganographic substitution by synthesizing digital sensor data. In this case, the degree to which the grayscale message is obscured is a necessary issue. To ensure information security in IoT systems, various methods are used and information security problems are solved to one degree or another. The article proposes a method and algorithm for a computer image in grayscale, in which the value of each pixel is one sample, representing the amount of light, carrying only information about the intensity. The proposed method in grayscale using steganographic coding provides a secure implementation of data transmission in the IoT system. Study results were analyzed using PSNR (Peak Signal to Noise Ratio).

Crime is a social problem that after the confinement of COVID-19 has increased significantly worldwide, which is why it is important to know what technological tools can be used to prevent criminal acts. In the present work, a systemic analysis was carried out to determine the importance of how to prevent crime using new information technologies. Fifty research articles were selected between 2015 and 2021. The information was obtained from different databases such as IEEE Xplore, Redalyc, Scopus, SciELO and Medline. Keywords were used to delimit the search and be more precise in our inquiry on the web. The results obtained show specific information on how to prevent crime using new information technologies. We conclude that new information technologies help to prevent crime since several developed countries have implemented their security system effectively, while underdeveloped countries do not have adequate technologies to prevent crime.

While various encryption algorithms ensure data security, it is essential to determine the accuracy and loss values and performance status in the analyzes made to determine encrypted data by deep learning. In this research, the analysis steps made by applying deep learning methods to encrypted cifar10 picture data are presented practically. The data was tried to be estimated by training with VGG16, VGG19, ResNet50 deep learning models. During this period, the network’s performance was tried to be measured, and the accuracy and loss values in these calculations were shown graphically.

Steganography is the method of hiding one type of information into other type of information, hiding a secret a message in a cover so that others can't know the presence of the secret information. It provides an extra layer of security in communication and information sharing. Security is an important aspect of the communication process; everyone want security in communication. The main purpose of this paper is to introduce security of information that people share among them. In this paper we are presenting different methods of substitution techniques of image steganography and their comparison. Least significant bit and most significant bit substitution techniques are used. Information is hidden in an image file and then decoded back for the secret message. Hiding the presence of any hidden information makes this more secure. This implementation can be used by secret service agencies and also common people for secure communication.

Wireless relay network is a solution for transmitting information from a source node to a sink node far away by installing a relay in between. The broadcasting nature of wireless communication allows the sink node to receive part of the data sent by the source node. In this way, the relay does not need to receive the whole piece of data from the source node and it does not need to forward everything it received. In this paper, we consider the application of batched network coding, a practical form of random linear network coding, for a better utilization of such a network. The amount of innovative information at the relay which is not yet received by the sink node, called the innovative rank, plays a crucial role in various applications including the design of the transmission scheme and the analysis of the throughput. We present a visualization of the innovative rank which allows us to understand and derive formulae related to the innovative rank with ease.

With the development of information technology, the Internet of things (IOT) has gradually become the third wave of global information industry revolution after computer and Internet. Artificial intelligence (AI) and IOT technology is an important prerequisite for the rapid development of the current information society. However, while AI and IOT technologies bring convenient and intelligent services to people, they also have many defects and imperfect development. Therefore, it is necessary to pay more attention to the development of AI and IOT technologies, actively improve the application system, and create a network security management system for AI and IOT applications that can timely detect intrusion, assess risk and prevent viruses. In this paper, the network security risks caused by AI and IOT applications are analyzed. Therefore, in order to ensure the security of IOT environment, network security and privacy security have become the primary problems to be solved, and management should be strengthened from technical to legal aspects.

A good website quality is needed to meet user satisfaction. The value of the benefits of the web will be felt by many users if the web has very good quality. The ease of accessing the website is a reflection of the good quality of the website. The positive image of the web owner can be seen from the quality of the website. When doing research on the website of the Ministry of Agriculture, Directorate General of Food Crops, the researcher found several pages that did not meet the website category which were said to be of good quality. Based on these findings, the authors are interested in analyzing user satisfaction with the website to measure the quality of the website of the Ministry of Agriculture, Directorate General of Food Crops using the PIECES method (Performance, Information, Economy, Control/Security, Efficiency, Service). The results of the study indicate that the level of user satisfaction with the website has been indicated as SATISFIED on each indicator, however, in measuring the quality of the website using YSlow (the GTMetrix tools, Pingdom Website Speed Tools), and (Web of Trust) WOT found many deficiencies such as loading the website takes a long time, there are some pages that cannot be found (page not found) and so on. Therefore, the authors provide several recommendations for better website development.

The article describes an analytical model of the actions of an information security violator for the secret extraction of confidential information processed on the protected object in terms of the theory of Markov random processes. The characteristics of the existing models are given, as well as the requirements that are imposed on the model for simulating the process. All model states are described in detail, as well as the data flow that is used in the process simulation. The model is represented as a directed state graph. It also describes the option for evaluating the data obtained during modeling. In the modern world, with the developing methods and means of covert extraction of information, the problem of assessing the damage that can be caused by the theft of the organization's data is acute. This model can be used to build a model of information security threats.

Vulnerability detection and exploitation serves as a milestone for secure development and identifying major threats in software applications. Automated exploit generation helps in easier identification of bugs, the attack vectors and the various possibilities of generation of the exploit payload. Thus, we introduce AngErza which uses dynamic and symbolic execution to identify hot-spots in the code, formulate constraints and generate a payload based on those constraints. Our tool is entirely based on angr which is an open-sourced offensive binary analysis framework. The work around AngErza focuses on exploit and vulnerability detection in CTF-style C binaries compiled on 64-bit Intel architecture for the early-phase of this project.

In proof-of-stake (PoS) blockchains, stakeholders that extend the chain are selected according to the amount of stake they own. In S&P 2019 the "Ouroboros Crypsinous" system of Kerber et al. (and concurrently Ganesh et al. in EUROCRYPT 2019) presented a mechanism that hides the identity of the stakeholder when adding blocks, hence preserving anonymity of stakeholders both during payment and mining in the Ouroboros blockchain. They focus on anonymizing the messages of the blockchain protocol, but suggest that potential identity leaks from the network-layer can be removed as well by employing anonymous broadcast channels.In this work we show that this intuition is flawed. Even ideal anonymous broadcast channels do not suffice to protect the identity of the stakeholder who proposes a block.We make the following contributions. First, we show a formal network-attack against Ouroboros Crypsinous, where the adversary can leverage network delays to distinguish who is the stakeholder that added a block on the blockchain. Second, we abstract the above attack and show that whenever the adversary has control over the network delay – within the synchrony bound – loss of anonymity is inherent for any protocol that provides liveness guarantees. We do so, by first proving that it is impossible to devise a (deterministic) state-machine replication protocol that achieves basic liveness guarantees and better than (1-2f) anonymity at the same time (where f is the fraction of corrupted parties). We then connect this result to the PoS setting by presenting the tagging and reverse tagging attack that allows an adversary, across several executions of the PoS protocol, to learn the stake of a target node, by simply delaying messages for the target. We demonstrate that our assumption on the delaying power of the adversary is realistic by describing how our attack could be mounted over the Zcash blockchain network (even when Tor is used). We conclude by suggesting approaches that can mitigate such attacks.

Rapid multiplication of electric vehicles requires the implementation of a new infrastructure to sustain their operations. For instance, charging these vehicles batteries necessitates a connection that allows information exchanges between vehicle and infrastructure. These exchanges are managed by a network called V2G (Vehicle to Grid), which is governed by the ISO 15118 standard. This last recommends the use of X.509 hierarchical PKI to protect the network communications against attacks. Although several authors have identified and criticized the shortcomings of this proposal, but no one provides a robust and effective remedial solution to alleviate them. This paper proposes an efficient protocol that addresses these shortcomings while respecting the concepts of the ISO 15118 standard. It fulfills the most important security requirements i.e. confidentiality, anonymity, integrity and non-repudiation. The validity and effectiveness of the proposed protocol were confirmed using the formal modeling tool Tamarin Prover and the RISE- V2G simulator.

Large enterprises offer thousands of micro-services applications to support their daily business activities by using Application Programming Interfaces (APIs). These applications generate huge amounts of traffic via millions of API calls every day, which is difficult to analyze for detecting any potential abnormal behaviour and application outage. This phenomenon makes Machine Learning (ML) a natural choice to leverage and analyze the API traffic and obtain intelligent predictions. This paper proposes an ML-based technique to detect and classify API traffic based on specific features like bandwidth and number of requests per token. We employ a Support Vector Machine (SVM) as a binary classifier to classify the abnormal API traffic using its linear kernel. Due to the scarcity of the API dataset, we created a synthetic dataset inspired by the real-world API dataset. Then we used the Gaussian distribution outlier detection technique to create a training labeled dataset simulating real-world API logs data which we used to train the SVM classifier. Furthermore, to find a trade-off between accuracy and false positives, we aim at finding the optimal value of the error term (C) of the classifier. The proposed anomaly detection method can be used in a plug and play manner, and fits into the existing micro-service architecture with little adjustments in order to provide accurate results in a fast and reliable way. Our results demonstrate that the proposed method achieves an F1-score of 0.964 in detecting anomalies in API traffic with a 7.3% of false positives rate.

Ransomware is a major malware attack experienced by large corporations and healthcare services. Ransomware employs the idea of cryptovirology, which uses cryptography to design malware. The goal of ransomware is to extort ransom by threatening the victim with the destruction of their data. Ransomware typically involves a 3-step process: analyzing the victim’s network traffic, identifying a vulnerability, and then exploiting it. Thus, the detection of ransomware has become an important undertaking that involves various sophisticated solutions for improving security. To further enhance ransomware detection capabilities, this paper focuses on an Application Programming Interface (API)-based ransomware detection approach in combination with machine learning (ML) techniques. The focus of this research is (i) understanding the life cycle of ransomware on the Windows platform, (ii) dynamic analysis of ransomware samples to extract various features of malicious code patterns, and (iii) developing and validating machine learning-based ransomware detection models on different ransomware and benign samples. Data were collected from publicly available repositories and subjected to sandbox analysis for sampling. The sampled datasets were applied to build machine learning models. The grid search hyperparameter optimization algorithm was employed to obtain the best fit model; the results were cross-validated with the testing datasets. This analysis yielded a high ransomware detection accuracy of 99.18% for Windows-based platforms and shows the potential for achieving high-accuracy ransomware detection capabilities when using a combination of API calls and an ML model. This approach can be further utilized with existing multilayer security solutions to protect critical data from ransomware attacks.

Python libraries are widely used for machine learning and scientific computing tasks today. APIs in Python libraries are deprecated due to feature enhancements and bug fixes in the same way as in other languages. These deprecated APIs are discouraged from being used in further software development. Manually detecting and replacing deprecated APIs is a tedious and time-consuming task due to the large number of API calls used in the projects. Moreover, the lack of proper documentation for these deprecated APIs makes the task challenging. To address this challenge, we propose an algorithm and a tool APIScanner that automatically detects deprecated APIs in Python libraries. This algorithm parses the source code of the libraries using abstract syntax tree (ASTs) and identifies the deprecated APIs via decorator, hard-coded warning or comments. APIScanner is a Visual Studio Code Extension that highlights and warns the developer on the use of deprecated API elements while writing the source code. The tool can help developers to avoid using deprecated API elements without the execution of code. We tested our algorithm and tool on six popular Python libraries, which detected 838 of 871 deprecated API elements. Demo of APIScanner: https://youtu.be/1hy\_ugf-iek. Documentation, tool, and source code can be found here: https://rishitha957.github.io/APIScanner.

Currently, statistical tests for random number generators (RNGs) are widely used in practice, and some of them are even included in information security standards. But despite the popularity of RNGs, consistent tests are known only for stationary ergodic deviations of randomness (a test is consistent if it detects any deviations from a given class when the sample size goes to infinity). However, the model of a stationary ergodic source is too narrow for some RNGs, in particular, for generators based on physical effects. In this article, we propose computable consistent tests for some classes of deviations more general than stationary ergodic and describe some general properties of statistical tests. The proposed approach and the resulting test are based on the ideas and methods of information theory.

This paper analyzes the necessity of artificial intelligence and big data in the security application of regulatory places. The author studies the specific application of artificial intelligence and big data in ideological dynamics management, access control system, video surveillance system, emergency alarm system, perimeter control system, police inspection system, daily behavior management, and system implementation management. The author puts forward how to do technical integration, improve information sharing, strengthen the construction of talents, and increase management fund expenditure. The purpose of this paper is to enhance the security management level of regulatory places and optimize the management environment of regulatory places.

A service-based system (SBS) dynamically composes third-party services to deliver comprehensive functionality. As adaptive systems, SBSs can substitute equivalent services within the composition if service operations or workflow requirements change. Substituted services must maintain the original SBS quality of service (QoS) constraints. In this paper, we add security as a QoS constraint. Using a model problem of a SBS system created for self-adaptive system technology evaluation, we demonstrate the applicability of security assurance cases and service security profile exchange to build in security awareness for more informed SBS adaptation.

Fault injection is a major threat to embedded system security since it can lead to modified control flows and leakage of critical security parameters, such as secret keys. However, injecting physical faults into devices is cumbersome and difficult since it requires a lot of preparation and manual inspection of the assembly instructions. Furthermore, a single fault injection method cannot cover all possible fault types. Simulating fault injection in comparison, is, in general, less costly, more time-efficient, and can cover a large amount of possible fault combinations. Hence, many different fault injection tools have been developed for this purpose. However, previous tools have several drawbacks since they target only individual architectures or cover merely a limited amount of the possible fault types for only specific memory types. In this paper, we present ARCHIE, a QEMU-based architecture-independent fault evaluation tool, that is able to simulate transient and permanent instruction and data faults in RAM, flash, and processor registers. ARCHIE supports dynamic code analysis and parallelized execution. It makes use of the Tiny Code Generator (TCG) plugin, which we extended with our fault plugin to enable read and write operations from and to guest memory. We demonstrate ARCHIE’s capabilities through automatic binary analysis of two exemplary applications, TinyAES and a secure bootloader, and validate our tool’s results in a laser fault injection experiment. We show that ARCHIE can be run both on a server with extensive resources and on a common laptop. ARCHIE can be applied to a wide range of use cases for analyzing and enhancing open source and proprietary firmware in white, grey, or black box tests.