Biblio

Recent developments in deepfake technology are increasing new security threats. To solve these issues, various detection methods have been proposed including the methods utilizing biological signals captured by R-PPG. However, existing methods have limitations in terms of detection accuracy and generalized performance. In this paper, we present our approach for R-PPG-based BPM (Beats Per Minute) analysis for effective deepfake detection. With the selected deepfake datasets, we performed (a) comparison and analysis of conditions for BPM processing, and (b) BPM extraction by dividing the face into 16 regions and comparison of BPM in each region. The results showed that our proposed BPM-related properties are effective in deepfake detection.

In recent years, biometric authentication, such as fingerprint and face recognition, has become widespread in smartphones. However, fingerprint and face authentication have the problem that they cannot be used depending on the condition of the user's fingers or face. Therefore, we have been investigating a new biometric authentication system using pinna as a personal authentication system for smart phones. We have studied a personal authentication system using the Pinna Related Transfer Function (PRTF), which is an acoustic transfer function measured from the pinna. However, since the position of the smartphone changes every time it is placed on the ear, there is a problem that the authentication rate decreases. In this paper, we propose a multimodal personal authentication system using PRTF, pinna images, and smartphone location information, and verify its effectiveness. The results show that the proposed authentication system can improve the robustness against the fluctuation of the smartphone location.

Cyberattacks have been progressed in the fields of Internet of Things, and artificial intelligence technologies using the advanced persistent threat (APT) method recently. The damage caused by ransomware is rapidly spreading among APT attacks, and the range of the damages of individuals, corporations, public institutions, and even governments are increasing. The seriousness of the problem has increased because ransomware has been evolving into an intelligent ransomware attack that spreads over the network to infect multiple users simultaneously. This study used open source endpoint detection and response tools to build and test a framework environment that enables systematic ransomware detection at the network and system level. Experimental results demonstrate that the use of EDR tools can quickly extract ransomware attack features and respond to attacks.

The Border Gateway Protocol (BGP) is in charge of the route exchange at the Internet scale. Anomalies in BGP can have several causes (mis-configuration, outage and attacks). These anomalies are classified into large or small scale anomalies. Machine learning models are used to analyze and detect anomalies from the complex data extracted from BGP behavior. Two types of data representation can be used inside the machine learning models: a graph representation of the network (graph features) or a statistical computation on the data (statistical features). In this paper, we evaluate and compare the accuracy of machine learning models using graph features and statistical features on both large and small scale BGP anomalies. We show that statistical features have better accuracy for large scale anomalies, and graph features increase the detection accuracy by 15% for small scale anomalies and are well suited for BGP small scale anomaly detection.

In the context of Industrial Internet logo analysis, this paper analyzes the feasibility and outstanding advantages of the blockchain technology applied to supply chain data supervision combining the pain spots of traditional supply chain management system and the technical superiority. Although blockchain technology has uprooted some deep-entrenched problems of supply chain data management system, it brings new issues to government supervision in the meanwhile. Upon the analysis of current development and the new problems of blockchain-based supply chain data management system, a new parent-children blockchain-based supply chain data supervision system is proposed, which targets to overcome the dilemma faced by the governmental regulation of supply chain. Firstly, with the characteristics of blockchain including decentralization, non-tampering and non-repudiation, the system can solve the problem puzzling the traditional database about untruthful and unreliable data, and has advantages in managing supply chain and realizing product traceability. The authenticity and reliability of data on the chain also make it easier for the government to investigate and affix the responsibility of vicious incidents. At the same time, the system adopts the parent-children chain structure and the storage mode combining on-chain and off-chain resources to overcome the contradiction between information disclosure requirements of the government and privacy protection requirements of enterprises, which can better meet the needs of various users. Moreover, the application of smart contracts can replace a large number of the manual work like repetitive data analysis, which can make analysis results more accurate and avoid human failure.

To conceive a CPS is a complex and multidisciplinary endeavour involving different stakeholders, potentially using a plethora of different languages to describe their views of the system at different levels of abstraction. Model-Driven Engineering comes, precisely, as a methodological approach to tackle the complexity of systems development with models as first-class citizens in the development process. The measure of realism of these models with respect to the real (sub)system is called fidelity. Usually, different models with different fidelity are then developed during the development process. Additionally, it is very common that the development process of CPS includes an incremental (and collaborative) use of simulations to study the behaviour emerging from the heterogeneous models of the system. Currently, the different models, with different fidelity, are managed in an ad hoc manner. Consequently, when a (Co)simulation is used to study a specific property of the system, the choice of the different models and their setup is made manually in a non-tractable way. In this paper we propose a structured new vision to CPS development, where the notion of simulation goal and multi-fidelity simulation unit are first-class citizens. The goal is to make a clear link between the system requirements, the system properties, the simulation goal and the multi-fidelity simulation unit. The outcome of this framework is a way to automatically determine the model at an adequate fidelity level suitable for answering a specific simulation goal.

Human Resource (HR) Analytics has been increasingly attracted attention for a past decade. This is because the study field is adopted data-driven approaches to be processed and interpreted for meaningful insights in human resources. The field is involved in HR decision making helping to understand why people, organization, or other business performance behaved the way they do. Embracing the available tools for decision making and learning in the field of computational intelligence (CI) and Artificial Intelligence (AI) to the field of HR, this creates tremendous opportunities for HR Analytics in practical aspects. However, there are still inadequate applications in this area. This paper serves as a survey of using the tools and their applications in HR involving recruitment, retention, reward and retirement. An example of using CI and AI for career development and training in the era of disruption is conceptually proposed.

Trusted Platform Modules (TPM) have grown to be crucial safeguards from the number of software-based strikes. By giving a restricted range of cryptographic providers by way of a well-defined user interface, divided as a result of the program itself, TPM and Infrastructure as a service (IaaS) can function as a root of loyalty so when a foundation aimed at advanced equal protection methods. This information studies the works aimed at uses on TPM within the cloud computing atmosphere, by journal times composed somewhere among 2013 as well as 2020. It identifies the present fashion as well as goals from these technologies within the cloud, as well as the kind of risks that it mitigates. The primary investigation is being focused on the TPM's association to the IaaS security based on the authorization and the enabling schema for integrity. Since integrity measurement is among the key uses of TPM and IaaS, particular focus is given towards the evaluation of operating period phases as well as S/W levels it's put on to. Finally, the deep survey on recent schemes can be applied on Cloud Environment.

Smart grid (SG) network is one of the recently improved networks of tangled entities, objects, and smart metering infrastructure (SMI). It plays a vital part in sensing, acquiring, observing, aggregating, controlling, and dealing with various kinds of fields in SG. The SMI or advanced metering infrastructure (AMI) is proposed to make available a real-time transmissions connection among users and services are Time of use (TOU), Real time pricing (RTP), Critical Peak Pricing (CPP). In adding to, additional benefit of SMs is which are capable to report back to the service control center in near real time nontechnical losses (for instance, tampering with meters, bypassing meters, and illicit tapping into distribution systems). SMI supports two-way transmission meters reading electrical utilization at superior frequency. This data is treated in real time and signals send to manage demand. This paper expresses a transitory impression of cyberattack instances in customary energy networks and SMI. This paper presents cyber security attacks and countermeasures in Smart Grid Metering Network (SGMN). Based on the existing survey threat models, a number of proposed ways have been planned to deal with all threats in the formulation of the secrecy and privacy necessities of SG measurement network.

As malware detection algorithms and methods become more sophisticated, malware authors adopt equally sophisticated evasion mechanisms to defeat them. Anecdotal evidence claims Living-Off-The-Land (LotL) techniques are one of the major evasion techniques used in many malware attacks. These techniques leverage binaries already present in the system to conduct malicious actions. We present the first large-scale systematic investigation of the use of these techniques by malware on Windows systems.In this paper, we analyse how common the use of these native system binaries is across several malware datasets, containing a total of 31,805,549 samples. We identify an average 9.41% prevalence. Our results show that the use of LotL techniques is prolific, particularly in Advanced Persistent Threat (APT) malware samples where the prevalence is 26.26%, over twice that of commodity malware.To illustrate the evasive potential of LotL techniques, we test the usage of LotL techniques against several fully patched Windows systems in a local sandboxed environment and show that there is a generalised detection gap in 10 of the most popular anti-virus products.

Distributed Denial of Service (DDoS) attacks are widely used by malicious actors to disrupt network infrastructures/services. A common attack is TCP SYN Flood that attempts to exhaust memory and processing resources. Typical mitigation mechanisms, i.e. SYN cookies require significant processing resources and generate large rates of backscatter traffic to block them. In this paper, we propose a detection and mitigation schema that focuses on generating and optimizing signature-based rules. To that end, network traffic is monitored and appropriate packet-level data are processed to form signatures i.e. unique combinations of packet field values. These are fed to machine learning models that classify them to malicious/benign. Malicious signatures corresponding to specific destinations identify potential victims. TCP traffic to victims is redirected to high-performance programmable XDPenabled firewalls that filter off ending traffic according to signatures classified as malicious. To enhance mitigation performance malicious signatures are subjected to a reduction process, formulated as a multi-objective optimization problem. Minimization objectives are (i) the number of malicious signatures and (ii) collateral damage on benign traffic. We evaluate our approach in terms of detection accuracy and packet filtering performance employing traces from production environments and high rate generated attack traffic. We showcase that our approach achieves high detection accuracy, significantly reduces the number of filtering rules and outperforms the SYN cookies mechanism in high-speed traffic scenarios.

Cyber attacks are a major concern for network administrators as the occurrences of such events are continuously increasing on the Internet. Software-defined networks (SDN) enable many management applications, but they may also become targets for attackers. Due to the separation of the data plane and the control plane, the controller appears as a new element in SDN networks, allowing centralized control of the network, becoming a strategic target in carrying out an attack. According to reports generated by security labs, the frequency of the distributed denial of service (DDoS) attacks has seen an increase in recent years, characterizing a major threat to the SDN. However, few research papers address the prevention of DDoS attacks on SDN. Therefore, this work presents a Systematic Mapping of Literature, aiming at identifying, classifying, and thus disseminating current research studies that propose techniques and methods for preventing DDoS attacks in SDN. When answering these questions, it was determined that the SDN controller was vulnerable to possible DDoS attacks. No prevention methods were found in the literature for the first phase of the attack (when attackers try to deceive users and infect the host). Therefore, the security of software-defined networks still needs improvement over DDoS attacks, despite the evident risk of an attack targeting the SDN controller.

Security has become a significant factor of Internet of Things (IoT) and Cyber Physical Systems (CPS) wherein the devices usually vary in computing power and intrinsic hardware features. It is necessary to use security-by-design method in the development of these systems. This paper focuses on the security design issue about this sort of heterogeneous embedded systems and proposes a systematic approach aiming to achieve optimal security design objective.

The growth in the use of virtualization in the last ten years has contributed to the improvement of this technology. The practice of implementing and managing this type of isolated environment raises doubts about the security of such systems. Considering the host's proximity to a container, approaches that use anomaly detection systems attempt to monitor and detect unexpected behavior. Our work aims to use system calls to identify threats within a container environment, using machine learning based strategies to distinguish between expected and unexpected behaviors (possible threats).

When the electrical grid in a region suffers a major outage, e.g., after a catastrophic cyber attack, a “black start” may be required, where the grid is slowly restarted, carefully and incrementally adding generating capacity and demand. To ensure safe and effective black start, the grid control center has to be able to communicate with field personnel and with supervisory control and data acquisition (SCADA) systems. Voice and text communication are particularly critical. As part of the Defense Advanced Research Projects Agency (DARPA) Rapid Attack Detection, Isolation, and Characterization Systems (RADICS) program, we designed, tested and evaluated a self-configuring mesh network prototype called the Phoenix Secure Emergency Network (PhoenixSEN). PhoenixSEN provides a secure drop-in replacement for grid's primary communication networks during black start recovery. The network combines existing and new technologies, can work with a variety of link-layer protocols, emphasizes manageability and auto-configuration, and provides services and applications for coordination of people and devices including voice, text, and SCADA communication. We discuss the architecture of PhoenixSEN and evaluate a prototype on realistic grid infrastructure through a series of DARPA-led exercises.

With the rapid development of smart grid, the data generated by grid services are growing rapidly, and the requirements for time delay are becoming more and more stringent. The storage and computing capacity of the existing terminal equipment can not meet the needs of high bandwidth and low delay of the system at the same time. Fortunately, mobile edge computing (MEC) can provide users with nearby storage and computing services at the network edge, this can give an option to simultaneously meet the requirement of high bandwidth and low delay. Aiming at the problem of service offload scheduling in edge computing, this paper proposes a delay optimized task offload algorithm based on task priority classification. Firstly, the priority of power grid services is divided by using analytic hierarchy process (AHP), and the processing efficiency and quality of service of emergency tasks are guaranteed by giving higher weight coefficients to delay constraints and security levels. Secondly, the service is initialized and unloaded according to the task preprocessing time. Finally, the reasonable subchannel allocation is carried out based on the task priority design decision method. Simulation results show that compared with the traditional approaches, our algorithm can effectively improve the overall system revenue and reduce the average user task delay.

Object-oriented program (OOP) is very popular in these years for its advantages, but the testing method for OOP is still not mature enough. To deal with the problem that it is impossible to generate the probability density function by simply numeralizing a point in the test case caused by the complex structure of the object-oriented test case, we propose the Adaptive Random Testing through Test Profile for Object-Oriented software (ARTTP-OO). It generates a test case at the edge of the input field and calculates the distance between object-oriented test cases using Object and Method Invocation Sequence Similarity (OMISS) metric formula. And the probability density function is generated by the distance to select the test cases, thereby realizing the application of ARTTP algorithm in OOP. The experimental results indicate the proposed ARTTP-OO consumes less time cost without reducing the detection effectiveness.

This research attempts to provide some insights on the application of text mining and Natural Language Processing (NLP). The application domain is consumer complaints about financial institutions in the USA. As an advanced analytics discipline embedded within the Big Data paradigm, the practice of text analytics contains elements of emergent knowledge processes. Since our experiment should be able to scale up we make use of a pipeline based on Spark-NLP. The usage scenario is adapting the model to a specific industrial context and using the dataset offered by the "Consumer Financial Protection Bureau" to illustrate the application.

Although several different attacks or modern security mechanisms have been proposed, the captchas created by the numbers and the letters are still used by some websites or applications to protect their information security. The reason is that the labels of the captcha data are difficult to collect for the attacker, and protector can easily control the various parameters of the captchas: like the noise, the font type, the font size, and the background color, then make this security mechanism update with the increased attack methods. It can against attacks in different situations very effectively. This paper presents a method to recognize the different text-based captchas based on a system constituted by the denoising autoencoder and the Convolutional Recurrent Neural Network (CRNN) model with the Connectionist Temporal Classification (CTC) structure. We show that our approach has a better performance for recognizing, and it solves the identification problem of indefinite character length captchas efficiently.

The aim of the study is to present an advanced overview and potential application of the innovative tools/software's/methods used for data visualization, text mining, scientific mapping, and bibliometric analysis. Text mining and data visualization has been a topic of research for several years for academic researchers and practitioners. With the advancement in technology and innovation in the data analysis techniques, there are many online and offline software tools available for text mining and visualisation. The purpose of this study is to present an advanced overview of latest, sophisticated, and innovative tools available for this purpose. The unique characteristic about this study is that it provides an overview with examples of the five most adopted software tools such as VOSviewer, Biblioshiny, Gephi, HistCite and CiteSpace in social science research. This study will contribute to the academic literature and will help the researchers and practitioners to apply these tools in future research to present their findings in a more scientific manner.

The design of tiny trust anchors attracted much attention over the past decade, to secure low-end MCU-s that cannot afford more expensive security mechanisms. In particular, hardware/software (hybrid) co-designs offer low hardware cost, while retaining similar security guarantees as (more expensive) hardware-based techniques. Hybrid trust anchors support security services (such as remote attestation, proofs of software update/erasure/reset, and proofs of remote software execution) in resource-constrained MCU-s, e.g., MSP430 and AVR AtMega32. Despite these advances, detection of control-flow attacks in low-end MCU-s remains a challenge, since hardware requirements for the cheapest mitigation techniques are often more expensive than the MCU-s themselves. In this work, we tackle this challenge by designing Tiny-CFA - a Control-Flow Attestation (CFA) technique with a single hardware requirement - the ability to generate proofs of remote software execution (PoX). In turn, PoX can be implemented very efficiently and securely in low-end MCU-s. Consequently, our design achieves the lowest hardware overhead of any CFA technique, while relying on a formally verified PoX as its sole hardware requirement. With respect to runtime overhead, Tiny-CFA also achieves better performance than prior CFA techniques based on code instrumentation. We implement and evaluate Tiny-CFA, analyze its security, and demonstrate its practicality using real-world publicly available applications.

Internet Exchange Points (IXPs) are critical components of the Internet infrastructure that affect its performance, evolution, security and economy. In this work, we introduce a technique to improve the well-known TraIXroute tool with its ability to identify IXPs. TraIXroute is a tool written in python3. It always encounters problems during its installation by network administrators and researchers. This problem remains unchanged in the field of internet ixp measurement tools. Our paper aims to make a critical analysis of TraIXroute tool which has some malfunctions. Furthermore, our main objective is to implement an improved tool for detecting ixps on the traceroute path with ipv4 and ipv6. The tool will have options for Geolocation of ixps as well as ASs. Our tool is written in C\# (C sharp) and python which are object oriented programming languages.

To develop the next generation of Internet of Things, Edge devices and systems which leverage progress in enabling technologies such as 5G, distributed computing and artificial intelligence (AI), several requirements need to be developed and put in place to make the devices smarter. A major requirement for all the above applications is the long-term security and trust computing infrastructure. Trusted Computing requires the introduction inside of the platform of a Trusted Platform Module (TPM). Traditionally, a TPM was a discrete and dedicated module plugged into the platform to give TPM capabilities. Recently, processors manufacturers started integrating trusted computing features into their processors. A significant drawback of this approach is the need for a permanent modification of the processor microarchitecture. In this context, we suggest an analysis and a design of a software-only TPM for RISC-V processors based on seL4 microkernel and OP-TEE.

Network embedding, which aims to map the discrete network topology to a continuous low-dimensional representation space with the major topological properties preserved, has emerged as an essential technique to support various network inference tasks. However, incorporating both the evolutionary nature and the network's heterogeneity remains a challenge for existing network embedding methods. In this study, we propose a novel Translation-Based Dynamic Heterogeneous Network Embedding (TransDHE) approach to consider both the aspects simultaneously. For a dynamic heterogeneous network with a sequence of snapshots and multiple types of nodes and edges, we introduce a translation-based embedding module to capture the heterogeneous characteristics (e.g., type information) of each single snapshot. An orthogonal alignment module and RNN-based aggregation module are then applied to explore the evolutionary patterns among multiple successive snapshots for the final representation learning. Extensive experiments on a set of real-world networks demonstrate that TransDHE can derive the more informative embedding result for the network dynamic and heterogeneity over state-of-the-art network embedding baselines.

The interdisciplinary field of immersive learning research is scattered. Combining efforts for better exploration of this field from the different disciplines requires researchers to communicate and coordinate effectively. We call upon the community of immersive learning researchers for planting the Knowledge Tree of Immersive Learning Research, a proposal for a systematization effort for this field, combining both scholarly and practical knowledge, cultivating a robust and ever-growing knowledge base and methodological toolbox for immersive learning. This endeavor aims at promoting evidence-informed practice and guiding future research in the field. This paper contributes with the rationale for three objectives: 1) Developing common scientific terminology amidst the community of researchers; 2) Cultivating a common understanding of methodology, and 3) Advancing common use of theoretical approaches, frameworks, and models.