Biblio

The main objective of the proposed work is to build a reliable and secure architecture for cloud servers where users may safely store and transfer their data. This platform ensures secure communication between the client and the server during data transfer. Furthermore, it provides a safe method for sharing and transferring files from one person to another. As a result, for ensuring safe data on cloud servers, this research work presents a secure architecture combining three DNA cryptography, HMAC, and a third party Auditor. In order to provide security by utilizing various strategies, a number of traditional and novel cryptographic methods are investigated. In the first step, data will be encrypted with the help of DNA cryptography, where the encoded document will be stored in the cloud server. In next step, create a HMAC value of encrypted file, which was stored on cloud by using secret key and sends to TPA. In addition, Third Party Auditor is used for authenticate the purity of stored documents in cloud at the time of verification TPA also create HMAC value from Cloud stored data and verify it. DNA-based cryptographic technique, hash based message authentic code and third party auditor will provide more secured framework for data security and integrity in cloud server.

The rise of artificial intelligence plays an important role in social progress and economic development, which is a hot topic in the Internet industry. In the past few years, the Chinese government has vigorously increased policy support to promote the golden age of artificial intelligence. However, with the rapid development of artificial intelligence, the copyright protection and intellectual property legislation of artificial intelligence products have brought some challenges.

Existing search-based coverless text steganography algorithms according to the characteristics of the text, do not need to modify the carrier, and have good resistance to detection, but they rely on a large text data set and have a limited hiding capacity. For this reason, this paper proposes a coverless steganography method based on the source XML file organization of the OOXML documents from a new perspective. It analyzes the organization of OOXML documents, and uses the differences of organization to construct the mapping between documents and secret information, so as to realize the coverless information hiding. To achieve the efficiency of information hiding, a compound tree model is designed and introduced to construct the OOXML document category library. Compared with the existing coverless information hiding methods, the text set size that this method relies on is significantly reduced, and the flexibility of the mapping is higher under the similar hiding capacity.

STAMP (System Theoretic Accident Model and Processes) is one of the theories that has been attracting attention as a new safety analysis method for complex systems. CAST (Causal Analysis using System Theory) is a causal analysis method based on STAMP theory. The authors investigated an information security incident case, “AIST (National Institute of Advanced Industrial Science and Technology) report on unauthorized access to information systems,” and attempted accident analysis using CAST. We investigated whether CAST could be applied to the cyber security analysis. Since CAST is a safety accident analysis technique, this study was the first to apply CAST to cyber security incidents. Its effectiveness was confirmed from the viewpoint of the following three research questions. Q1:Features of CAST as an accident analysis method Q2:Applicability and impact on security accident analysis Q3:Understanding cyber security incidents with a five-layer model.

In the ever evolving Internet threat landscape, Distributed Denial-of-Service (DDoS) attacks remain a popular means to invoke service disruption. DDoS attacks, however, have evolved to become a tool of deceit, providing a smokescreen or distraction while some other underlying attack takes place, such as data exfiltration. Knowing the intent of a DDoS, and detecting underlying attacks which may be present concurrently with it, is a challenging problem. An entity whose network is under a DDoS attack may not have the support personnel to both actively fight a DDoS and try to mitigate underlying attacks. Therefore, any system that can detect such underlying attacks should do so only with a high degree of confidence. Previous work utilizing flow aggregation techniques with multi-class anomaly detection showed promise in both DDoS detection and detecting underlying attacks ongoing during an active DDoS attack. In this work, we head in the opposite direction, utilizing flow segmentation and concurrent flow feature aggregation, with the primary goal of greatly reduced detection times of both DDoS and underlying attacks. Using the same multi-class anomaly detection approach, we show greatly improved detection times with promising detection performance.

Hardware Trojans are modifications made by malicious insiders or third party providers during the design or fabrication phase of the IC (Integrated Circuits) design cycle in a covert manner. These cause catastrophic consequences ranging from manipulating the functionality of individual blocks to disabling the entire chip. Thus, a need for detecting trojans becomes necessary. In this work, we propose a deep learning based approach for detecting trojans in IC chips. In particular, we insert trojans at the circuit-level and generate data by measuring power during normal operation and under attack. Further, we develop deep learning models using Neural networks and Auto-encoders to analyze datasets for outlier detection by profiling the normal behavior and leveraging them to detect anomalies in power consumption. Our approach is generic and non-invasive in that it can be applied to any block without any modifications to the design. Evaluation of the proposed approach shows an accuracy ranging from 92.23% to 99.33% in detecting trojans.

In modern power grids (PGs), load frequency control (LFC) is effectively employed to preserve the frequency within the allowable ranges. However, LFC dependence on information and communication technologies (ICTs) makes PGs vulnerable to cyber attacks. Manipulation of measured data and control commands known as false data injection attacks (FDIAs) can negatively affect grid frequency performance and destabilize PG. This paper investigates the frequency performance of an isolated PG under coordinated FDIAs. A control scheme based on the combination of a Kalman filter, a chi-square detector, and a linear quadratic Gaussian controller is proposed to detect and mitigate the coordinated FDIAs. The efficiency of the proposed control scheme is evaluated under two types of scaling and exogenous FDIAs. The simulation results demonstrate that the proposed control scheme has significant capabilities to detect and mitigate the designed FDIAs.

Recently, Mobile Edge Cloud computing (MEC) has attracted attention both from academia and industry. The idea of moving a part of cloud resources closer to users and data sources can bring many advantages in terms of speed, data traffic, security and context-aware services. The MEC infrastructure does not only host and serves applications next to the end-users, but services can be dynamically migrated and reallocated as mobile users move in order to guarantee latency and performance constraints. This specific requirement calls for the involvement and collaboration of multiple MEC providers, which raises a major issue related to trustworthiness. Two main challenges need to be addressed: i) trustworthiness needs to be handled in a manner that does not affect latency or performance, ii) trustworthiness is considered in different dimensions - not only security metrics but also performance and quality metrics in general. In this paper, we propose a trust layer for public MEC infrastructure that handles establishing and updating trust relations among all MEC entities, making the interaction withing a MEC network transparent. First, we define trust attributes affecting the trusted quality of the entire infrastructure and then a methodology with a computation model that combines these trust attribute values. Our experiments showed that the trust model allows us to reduce latency by removing the burden from a single MEC node, while at the same time increase the network trustworthiness.

In order to improve the continuity of cryptographic services and ensure the quality of services in the cloud environment, a dynamic migration framework of cryptographic service virtual machines based on the network shared storage system is proposed. Based on the study of the security threats in the migration process, a dynamic migration attack model is established, and the security requirement of dynamic migration is analyzed. It designs and implements the dynamic security migration management software, which includes a dynamic migration security enhancement module based on the Libvirt API, role-based access control policy, and transmission channel protection module. A cryptographic service virtual machine migration environment is built, and the designed management software and security mechanism are verified and tested. The experimental results show that the method proposed in the paper can effectively improve the security of cryptographic service virtual machine migration.

Cloud Computing (CC) has emerged as an on-demand accessible tool in different practical applications such as digital industry, academics, manufacturing, health sector and others. In this paper different security threats faced by CC are discussed with suitable examples. Moreover, an artificial intelligence based security enabled CC is also discussed based on suitable empirical data. It is found that an artificial neural network (ANN) is an effective system to detect the level of risk factors associated with CC along with mitigating those risk issues with appropriate algorithms. Hence, it provides a desired level of protection against cyber attacks, internal confidential threats and external threat of data theft from a cloud computing system. Levenberg–Marquardt (LMBP) algorithms are also found as a significant tool to estimate the level of security performance around a cloud computing system. ANN is used to improve the performance level of data security across a cloud computing network and make it security enabled to ensure a protected data transmission to clients associated with the system.

In this paper we use a seeded modular coding scheme for implementing physical layer security in a wiretap scenario. This modular scheme consists of a traditional coding layer and a security layer. For the traditional coding layer, we use a polar code. We evaluate the performance of the seeded modular coding scheme in an experimental setup with software defined radios and compare these results to simulation results. In order to assess the secrecy level of the scheme, we employ the distinguishing security metric. In our experiments, we compare the distinguishing error rate for different seeds and block lengths.

Unlike the traditional key-exchange based cryptography, physical layer security is built on information theory and aims to achieve unconditional security by exploiting the physical characteristics of wireless channels. With the growth of the number of wireless devices, physical layer security has been gradually emphasized by researchers. Various physical layer security protocols have been proposed for different communication scenarios. Since these protocols are based on information-theoretic security and the formalization work for information theory were not complete when these protocols were proposed, the security of these protocols lacked formal proofs. In this paper, we propose a formal definition for the secrecy capacity in non-degraded wiretap channel model and a formal proof for the secrecy capacity in binary symmetric channel with the help of SSReflect/Coq theorem prover.

Generative Adversarial Networks (GANs) are machine learning methods that are used in many important and novel applications. For example, in imaging science, GANs are effectively utilized in generating image datasets, photographs of human faces, image and video captioning, image-to-image translation, text-to-image translation, video prediction, and 3D object generation to name a few. In this paper, we discuss how GANs can be used to create an artificial world. More specifically, we discuss how GANs help to describe an image utilizing image/video captioning methods and how to translate the image to a new image using image-to-image translation frameworks in a theme we desire. We articulate how GANs impact creating a customized world.

To meet the application need of dynamic visualization VR display of 3D time-varying field, this paper designed an immersive visualization VR system of 3D time-varying field based on the Unity 3D framework. To reduce visual confusion caused by 3D time-varying field flow line drawing and improve the quality and efficiency of visualization rendering drawing, deep learning was used to extract features from the mesoscale vortex of the 3D time-varying field. Moreover, the 3D flow line dynamic visualization drawing was implemented through the Unity Visual Effect Graph particle system.

Steganography security is the main concern in today’s informative world. The fact is that communication takes place to hide information secretly. Steganography is the technique of hiding secret data within an ordinary, non-secret, file, text message and images. This technique avoids detection of the secret data then extracted at its destination. The main reason for using steganography is, we can hide any secret message behind its ordinary file. This work presents a unique technique for image steganography based on a 512-bit algorithm. The secure stego image is a very challenging task to give protection. Therefore we used the least significant bit (LSB) techniques for implementing stego and cover image. However, data encryption and decryption are used to embedded text and replace data into the least significant bit (LSB) for better approaches. Android-based interface used in encryption-decryption techniques that evaluated in this process.Contribution—this research work with 512-bit data simultaneously in a block cipher to reduce the time complexity of a system, android platform used for data encryption decryption process. Steganography model works with stego image that interacts with LSB techniques for data hiding.

Containers that can be easily created, transported and scaled with the use of container-based virtualization technologies work better than classical virtualization technologies and provide efficient resource usage. The Docker platform is one of the most widely used solutions among container-based virtualization technologies. The OS-level virtualization of the Docker platform and the container’s use of the host operating system kernel may cause security problems. In this study, a method including static and dynamic analysis has been proposed to ensure Docker image and container security. In the static analysis phase of the method, the packages of the images are scanned for vulnerabilities and malware. In the dynamic analysis phase, Docker containers are run for a certain period of time, after the open port scanning, network traffic is analyzed with the Snort3. Seven Docker images are analyzed and the results are shared.

The protection of Intellectual Property (IP) has gradually increased in recent years. Traditional intellectual property management service has lower efficiency for such scale of data. Considering that the maturity of deep learning models has led to the development of knowledge graphs. Relevant researchers have investigated the application of knowledge graphs in different domains, such as medical services, social media, etc. However, few studies of knowledge graphs have been undertaken in the domain of intellectual property. In this paper, we introduce the process of building a domain knowledge graph and start from data preparation to conduct the research of named entity recognition.

Static analysis is a general name for various methods of program examination without actually executing it. In particular, it is widely used to discover errors and vulnerabilities in software. Taint analysis usually denotes the process of checking the flow of user-provided data in the program in order to find potential vulnerabilities. It can be performed either statically or dynamically. In the paper we evaluate several improvements for the static taint analyzer Irbis [1], which is based on a special case of interprocedural graph reachability problem - the so-called IFDS problem, originally proposed by Reps et al. [2]. The analyzer is currently being developed at the Ivannikov Institute for System Programming of the Russian Academy of Sciences (ISP RAS). The evaluation is based on several real projects with known vulnerabilities and a subset of the Juliet Test Suite for C/C++ [3]. The chosen subset consists of more than 5 thousand tests for 11 different CWEs.

Nowadays, smart contracts manage more and more digital assets and have become an attractive target for adversaries. To prevent smart contracts from malicious attacks, a thorough test is indispensable and must be finished before deployment because smart contracts cannot be modified after being deployed. Fuzzing is an important testing approach, but most existing smart contract fuzzers can hardly solve the constraints which involve deeply nested conditional statements, resulting in low coverage. To address this problem, we propose Targy, an efficient targeted mutation strategy based on dynamic taint analysis. We obtain the taint flow by dynamic taint propagation, and generate a more accurate mutation strategy for the input parameters of functions to simultaneously satisfy all conditional statements. We implemented Targy on sFuzz with 3.6 thousand smart contracts running on Ethereum. The numbers of covered branches and detected vulnerabilities increase by 6% and 7% respectively, and the average time required for covering a branch is reduced by 11 %.

Distributed Denial-of-Service (DDoS) attacks pose a huge risk to the network and threaten its stability. A game theoretic approach for intrusion detection and prevention is proposed to avoid DDoS attacks in the internet. Game theory provides a control mechanism that automates the intrusion detection and prevention process within a network. In the proposed system, system-subject interaction is modeled as a 2-player Bayesian signaling zero sum game. The game's Nash Equilibrium gives a strategy for the attacker and the system such that neither can increase their payoff by changing their strategy unilaterally. Moreover, the Intent Objective and Strategy (IOS) of the attacker and the system are modeled and quantified using the concept of incentives. In the proposed system, the prevention subsystem consists of three important components namely a game engine, database and a search engine for computing the Nash equilibrium, to store and search the database for providing the optimum defense strategy. The framework proposed is validated via simulations using ns3 network simulator and has acquired over 80% detection rate, 90% prevention rate and 6% false positive alarms.

Different security issues are a common problem for open source packages archived to and delivered through software ecosystems. These often manifest themselves as software weaknesses that may lead to concrete software vulnerabilities. This paper examines various security issues in Python packages with static analysis. The dataset is based on a snapshot of all packages stored to the Python Package Index (PyPI). In total, over 197 thousand packages and over 749 thousand security issues are covered. Even under the constraints imposed by static analysis, (a) the results indicate prevalence of security issues; at least one issue is present for about 46% of the Python packages. In terms of the issue types, (b) exception handling and different code injections have been the most common issues. The subprocess module stands out in this regard. Reflecting the generally small size of the packages, (c) software size metrics do not predict well the amount of issues revealed through static analysis. With these results and the accompanying discussion, the paper contributes to the field of large-scale empirical studies for better understanding security problems in software ecosystems.

This paper studies the hierarchical secure multicast algorithm in sparse code multiple access (SCMA) networks, its network security capacity is no longer limited by the users with the worst channel quality in multicast group. Firstly, we propose a network security energy efficiency (SEE) maximization problem. Secondly, in order to reduce the computational complexity, we propose a suboptimal algorithm (SA), which separates the codebook assignment with artificial noise from the power allocation with artificial noise. To further decrease the complexity of Lagrange method, a power allocation algorithm with increased fixed power is introduced. Finally, simulation results show that the network performance of the proposed algorithm in SCMA network is significantly better than that in orthogonal frequency division multiple access (OFDMA) network.

Over the last few years, the world has been moving towards digital healthcare, where harnessing medical data distributed across multiple healthcare providers is essential to achieving personalized treatments. Though the efficiency and speed of the diagnosis process have increased due to the digitalization of healthcare data, it is at constant risk of cyberattacks. Medical images, in particular, seem to have become a regular victim of hackers, due to which there is a need to find a feasible solution for storing them securely. This work proposes a blockchain-based framework that leverages the InterPlanetary File system (IPFS) to provide decentralized storage for medical images. Our proposed blockchain storage model is implemented in the IPFS distributed file-sharing system, where each image is stored on IPFS, and its corresponding unique content-addressed hash is stored in the blockchain. The proposed model ensures the security of the medical images without any third-party dependency and eliminates the obstacles that arise due to centralized storage.

The problem of buffer overflow in the information system is not threatening, and the system's own defense mechanism can detect and terminate code injection attacks. However, as countermeasures compete with each other, advanced stack overflow attacks have emerged: Return Oriented-Programming (ROP) technology, which has become a hot spot in the field of system security research in recent years. First, this article explains the reason for the existence of this technology and the attack principle. Secondly, it systematically expounds the realization of the return-oriented programming technology at home and abroad in recent years from the common architecture platform, the research of attack load construction, and the research of variants based on ROP attacks. Finally, we summarize the paper.

A wireless communication system with rotating linearly polarized antennas is built and tested as a method for increasing physical layer security. Controlling the linear polarization angle from 0° to 180° yields bit error rates greater than 20% for 40° of rotation.