Biblio

Recent advances in natural language generation have introduced powerful language models with high-quality output text. However, this raises concerns about the potential misuse of such models for malicious purposes. In this paper, we study natural language watermarking as a defense to help better mark and trace the provenance of text. We introduce the Adversarial Watermarking Transformer (AWT) with a jointly trained encoder-decoder and adversarial training that, given an input text and a binary message, generates an output text that is unobtrusively encoded with the given message. We further study different training and inference strategies to achieve minimal changes to the semantics and correctness of the input text.AWT is the first end-to-end model to hide data in text by automatically learning -without ground truth- word substitutions along with their locations in order to encode the message. We empirically show that our model is effective in largely preserving text utility and decoding the watermark while hiding its presence against adversaries. Additionally, we demonstrate that our method is robust against a range of attacks.

Differentially private (DP) machine learning allows us to train models on private data while limiting data leakage. DP formalizes this data leakage through a cryptographic game, where an adversary must predict if a model was trained on a dataset D, or a dataset D′ that differs in just one example. If observing the training algorithm does not meaningfully increase the adversary's odds of successfully guessing which dataset the model was trained on, then the algorithm is said to be differentially private. Hence, the purpose of privacy analysis is to upper bound the probability that any adversary could successfully guess which dataset the model was trained on.In our paper, we instantiate this hypothetical adversary in order to establish lower bounds on the probability that this distinguishing game can be won. We use this adversary to evaluate the importance of the adversary capabilities allowed in the privacy analysis of DP training algorithms.For DP-SGD, the most common method for training neural networks with differential privacy, our lower bounds are tight and match the theoretical upper bound. This implies that in order to prove better upper bounds, it will be necessary to make use of additional assumptions. Fortunately, we find that our attacks are significantly weaker when additional (realistic) restrictions are put in place on the adversary's capabilities. Thus, in the practical setting common to many real-world deployments, there is a gap between our lower bounds and the upper bounds provided by the analysis: differential privacy is conservative and adversaries may not be able to leak as much information as suggested by the theoretical bound.

Malware classification is a problem of great significance in the domain of information security. This is because the classification of malware into respective families helps in determining their intent, activity, and level of threat. In this paper, we propose a novel deep learning approach to malware classification. The proposed method converts malware executables into image-based representations. These images are then classified into different malware families using an autoencoder enhanced deep convolutional neural network (AE-DCNN). In particular, we propose a novel training mechanism wherein a DCNN classifier is trained with the help of an encoder. We conjecture that using an encoder in the proposed way provides the classifier with the extra information that is perhaps lost during the forward propagation, thereby leading to better results. The proposed approach eliminates the use of feature engineering, reverse engineering, disassembly, and other domain-specific techniques earlier used for malware classification. On the standard Malimg dataset, we achieve a 10-fold cross-validation accuracy of 99.38% and F1-score of 99.38%. Further, due to the texture-based analysis of malware files, the proposed technique is resilient to several obfuscation techniques.

Intrusion detection systems installed on the information security devices that control the internal and external perimeter of the demilitarized zones are not able to detect the vulnerability of ZeroLogon after the successful penetration of the intruder into the zone. Component solution for ZeroLogon control is offered. The paper presents the research results of the capabilities for built-in Active Directory audit mechanisms and open source intrusion detection/prevention systems, which allow identification of the critical vulnerability CVE-2020-1472. These features can be used to improve the quality of cyber-physical systems management, to perform audits, as well as to check corporate domains for ZeroLogon vulnerabilities.

The Internet of vehicles is emerging as an exciting application to improve safety and providing better services in the form of active road signs, pay-as-you-go insurance, electronic toll, and fleet management. Internet connected vehicles are exposed to new attack vectors in the form of cyber threats and with the increasing trend of cyber attacks, the success of autonomous vehicles depends on their security. Existing techniques for IoV security are based on the un-realistic assumption that all the vehicles are equipped with the same hardware (at least in terms of computational capabilities). However, the hardware platforms used by various vehicle manufacturers are highly heterogeneous. Therefore, a security protocol designed for IoVs should be able to detect the computational capabilities of the underlying platform and adjust the security primitives accordingly. To solve this issue, this paper presents a technique for algorithm-hardware separation for IoV security. The proposed technique uses an iterative routine and the corresponding execution time to detect the computational capabilities of a hardware platform using an artificial intelligence based inference engine. The results on three different commonly used micro-controllers show that the proposed technique can effectively detect the type of hardware platform with up to 100% accuracy.

Authentication, forms an important step in any security system to allow access to resources that are to be restricted. In this paper, we propose a novel artificial intelligence-assisted risk-based two-factor authentication method. We begin with the details of existing systems in use and then compare the two systems viz: Two Factor Authentication (2FA), Risk-Based Two Factor Authentication (RB-2FA) with each other followed by our proposed AIA-RB-2FA method. The proposed method starts by recording the user features every time the user logs in and learns from the user behavior. Once sufficient data is recorded which could train the AI model, the system starts monitoring each login attempt and predicts whether the user is the owner of the account they are trying to access. If they are not, then we fallback to 2FA.

Unit Commitment (UC) problem is one of the most fundamental constrained optimization problems in the planning and operation of electric power systems and electricity markets. Solving a large-scale UC problem requires a lot of computational effort which can be improved using data driven approaches. In practice, a UC problem is solved multiple times a day with only minor changes in the input data. Hence, this aspect can be exploited by using the historical data to solve the problem. In this paper, an Artificial Intelligence (AI) based approach is proposed to solve a Security Constrained UC problem. The proposed algorithm was tested through simulations on a 4-bus power system and satisfactory results were obtained. The results were compared with those obtained using IBM CPLEX MIQP solver.

The mishandled passenger baggage in aviation industry is still a big problem. This research is focused on designing a baggage handling system (BHS) at the airport for identifying and tracking of passenger baggage based on RFID technology. The proposed BHS system consists of hardware device to identify the baggage and the cloud-based tracking application. The BHS device is designed based on UHF passive RFID technology and IoT technology. The device can be used as handheld device in check-in counter and arrival area. The device can also be used as a fixed device in screening, sortation, and transition belt conveyer. The BHS device consists of RFID reader module, a microcontroller, LCD, keypad, a WiFi module and a storage device. The user and airport staff can track the luggage position and its status through dashboard application.

The advantage of elliptic curve (EC) cryptographic systems is that they provide equivalent security even with small key lengths. However, the development of modern computing technologies leads to an increase in the length of keys. In this case, it is recommended to use a secret parameter to ensure sufficient access without increasing the key length. To achieve this result, the initiation of an additional secret parameter R into the EC equation is used to develop an EC-based key distribution algorithm. The article describes the algebraic structure of an elliptic curve with a secret parameter.

In the Internet of Things, it is more important than ever to effectively address the problem of secure transmission based on steganographic substitution by synthesizing digital sensor data. In this case, the degree to which the grayscale message is obscured is a necessary issue. To ensure information security in IoT systems, various methods are used and information security problems are solved to one degree or another. The article proposes a method and algorithm for a computer image in grayscale, in which the value of each pixel is one sample, representing the amount of light, carrying only information about the intensity. The proposed method in grayscale using steganographic coding provides a secure implementation of data transmission in the IoT system. Study results were analyzed using PSNR (Peak Signal to Noise Ratio).

Nowadays, web vulnerability is a critical issue in web applications. Web developers develop web applications, but sometimes they are not very well-versed with security concerns, thereby creating loopholes for the vulnerabilities. If a web application is developed without considering security, it is harmful for the client and the company. Different types of vulnerabilities encounter during the web application development process. Therefore, vulnerability identification is a crucial and critical task from a web application development perspective. It is vigorous to secure them from the earliest development life cycle process. In this paper, we have analyzed and classified vulnerabilities related to web application security during the development phases. Here, the concern is to identify a weakness, countermeasure, confidentiality impact, access complexity, and severity level, which affect the web application security.

At present, the detection of encrypted ransomware under the Android platform mainly relies on analyzing the API call of the encryption function. But for ransomware that uses a custom encryption algorithm, the method will be invalid. This article analyzed the files before and after encryption by the ransomware, and found that there were obvious changes in the information entropy and file name of the files. Based on this, this article proposed a detection method for encrypted ransomware under the Android platform. Through pre-setting decoy files and the characteristic judgment before and after the execution of the sample to be tested, completed the detection and judgment of the ransomware. Having tested 214 samples, this method can be porved to detect encrypted ransomware accurately under the Android platform, with an accuracy rate of 98.24%.

Crime is a social problem that after the confinement of COVID-19 has increased significantly worldwide, which is why it is important to know what technological tools can be used to prevent criminal acts. In the present work, a systemic analysis was carried out to determine the importance of how to prevent crime using new information technologies. Fifty research articles were selected between 2015 and 2021. The information was obtained from different databases such as IEEE Xplore, Redalyc, Scopus, SciELO and Medline. Keywords were used to delimit the search and be more precise in our inquiry on the web. The results obtained show specific information on how to prevent crime using new information technologies. We conclude that new information technologies help to prevent crime since several developed countries have implemented their security system effectively, while underdeveloped countries do not have adequate technologies to prevent crime.

Supervisory control and data acquisition (SCADA) systems are used with monitoring and control purposes for the process not to fail in industrial control systems. Today, the increase in the use of standard protocols, hardware, and software in the SCADA systems that can connect to the internet and institutional networks causes these systems to become a target for more cyber-attacks. Intrusion detection systems are used to reduce or minimize cyber-attack threats. The use of deep learning-based intrusion detection systems also increases in parallel with the increase in the amount of data in the SCADA systems. The unsupervised feature learning present in the deep learning approaches enables the learning of important features within the large datasets. The features learned in an unsupervised way by using deep learning techniques are used in order to classify the data as normal or abnormal. Architectures such as convolutional neural network (CNN), Autoencoder (AE), deep belief network (DBN), and long short-term memory network (LSTM) are used to learn the features of SCADA data. These architectures use softmax function, extreme learning machine (ELM), deep belief networks, and multilayer perceptron (MLP) in the classification process. In this study, anomaly-based intrusion detection systems consisting of convolutional neural network, autoencoder, deep belief network, long short-term memory network, or various combinations of these methods on the SCADA networks in the literature were analyzed and the positive and negative aspects of these approaches were explained through their attack detection performances.

Multi-Agent system has the advantages of information sharing, knowledge accumulation and system stability, which is consistent with the concept of collaborative co-governance of public crisis management, and provides support for dealing with sudden public crises. Based on the background of the all-media environment, this study introduces the Internet-driven mass data management (“ crowdsourcing” crisis management) as a part of the crisis response system to improve the quality of information resource sharing. Crowdsourcing crisis management and Multi-Agent collaborative co-governance mechanism are combined with each other, so as to achieve a higher level of joint prevention and control mechanism, and explore how to effectively share information resources and emergency management resources across regions and departments in public crisis events.

As AI technology advances and its use increases, efforts to incorporate machine learning for malware detection are increasing. However, for malware learning, a standardized data set is required. Because malware is unstructured data, it cannot be directly learned. In order to solve this problem, many studies have attempted to convert unstructured data into structured data. In this study, the features and limitations of each were analyzed by investigating and analyzing the method of converting unstructured data proposed in each study into structured data. As a result, most of the data conversion techniques suggest conversion mechanisms, but the scope of each technique has not been determined. The resulting data set is not suitable for use as training data because it has infinite properties.

While various encryption algorithms ensure data security, it is essential to determine the accuracy and loss values and performance status in the analyzes made to determine encrypted data by deep learning. In this research, the analysis steps made by applying deep learning methods to encrypted cifar10 picture data are presented practically. The data was tried to be estimated by training with VGG16, VGG19, ResNet50 deep learning models. During this period, the network’s performance was tried to be measured, and the accuracy and loss values in these calculations were shown graphically.

This article is devoted to the existing standards for assessing the state of information security, which provides a classification and comparative analysis of standards for assessing the state of information.

Steganography is the method of hiding one type of information into other type of information, hiding a secret a message in a cover so that others can't know the presence of the secret information. It provides an extra layer of security in communication and information sharing. Security is an important aspect of the communication process; everyone want security in communication. The main purpose of this paper is to introduce security of information that people share among them. In this paper we are presenting different methods of substitution techniques of image steganography and their comparison. Least significant bit and most significant bit substitution techniques are used. Information is hidden in an image file and then decoded back for the secret message. Hiding the presence of any hidden information makes this more secure. This implementation can be used by secret service agencies and also common people for secure communication.

Blockchain technology relies on a growing number of globally distributed ledgers known as blockchain. This technology was used for the creation of the cryptocurrency known as bitcoin that allows transactions to be carried out quickly and easily, without the need to use an intermediary "financial institution". The information is sent trough the protocols known as: PoW (Proof of Work) and PoS (Proof of Stake), which must guarantee confidentiality, integrity and availability of the information. The present work shows the result of a bibliographic review on the evolution of the blockchain, the PoW and PoS protocols; as well as the application of these within the framework of Ecuadorian legislation with emphasis on the evolution of risks of the PoW protocol.

Wireless relay network is a solution for transmitting information from a source node to a sink node far away by installing a relay in between. The broadcasting nature of wireless communication allows the sink node to receive part of the data sent by the source node. In this way, the relay does not need to receive the whole piece of data from the source node and it does not need to forward everything it received. In this paper, we consider the application of batched network coding, a practical form of random linear network coding, for a better utilization of such a network. The amount of innovative information at the relay which is not yet received by the sink node, called the innovative rank, plays a crucial role in various applications including the design of the transmission scheme and the analysis of the throughput. We present a visualization of the innovative rank which allows us to understand and derive formulae related to the innovative rank with ease.

With the development of information technology, the Internet of things (IOT) has gradually become the third wave of global information industry revolution after computer and Internet. Artificial intelligence (AI) and IOT technology is an important prerequisite for the rapid development of the current information society. However, while AI and IOT technologies bring convenient and intelligent services to people, they also have many defects and imperfect development. Therefore, it is necessary to pay more attention to the development of AI and IOT technologies, actively improve the application system, and create a network security management system for AI and IOT applications that can timely detect intrusion, assess risk and prevent viruses. In this paper, the network security risks caused by AI and IOT applications are analyzed. Therefore, in order to ensure the security of IOT environment, network security and privacy security have become the primary problems to be solved, and management should be strengthened from technical to legal aspects.

A good website quality is needed to meet user satisfaction. The value of the benefits of the web will be felt by many users if the web has very good quality. The ease of accessing the website is a reflection of the good quality of the website. The positive image of the web owner can be seen from the quality of the website. When doing research on the website of the Ministry of Agriculture, Directorate General of Food Crops, the researcher found several pages that did not meet the website category which were said to be of good quality. Based on these findings, the authors are interested in analyzing user satisfaction with the website to measure the quality of the website of the Ministry of Agriculture, Directorate General of Food Crops using the PIECES method (Performance, Information, Economy, Control/Security, Efficiency, Service). The results of the study indicate that the level of user satisfaction with the website has been indicated as SATISFIED on each indicator, however, in measuring the quality of the website using YSlow (the GTMetrix tools, Pingdom Website Speed Tools), and (Web of Trust) WOT found many deficiencies such as loading the website takes a long time, there are some pages that cannot be found (page not found) and so on. Therefore, the authors provide several recommendations for better website development.

In order to suppress the spread of zero-day virus in the network effectively, a zero-day virus suppression strategy was proposed. Based on the mechanism of zero-day virus transmission and the idea of platform dynamic defense, the corresponding methods of virus transmission suppression are put forward. By changing the platform switching frequency, the scale of zero-day virus transmission and its inhibition effect are simulated in a small-world network model. Theory and computer simulation results show that the idea of platform switching can effectively restrain the spread of virus.

In recent years, there have been situations in which the zero-sequence protection of the transformer has been incorrectly operated due to the converter transformer energizing or fault recovery. For converter transformers, maloperation may also occur. However, there is almost no theoretical research on the zero-mode inrush currents of converter transformers. This paper studies the characteristics of the zero-mode inrush currents of the converter transformers, including the relationship between the amplitude and attenuation characteristics of the zero-mode inrush currents of converter transformers, and their relationship with the system resistance, remanence, and closing angle. First, based on the T-type equivalent circuit of the transformer, the equivalent circuit of the zero-mode inrush current of each transformer is obtained. On this basis, the amplitude relationship of the zero-mode inrush currents of different converter transformers is obtained: the zero-mode inrush current of the energizing pole YY transformer becomes larger than the YD transformer, the energized pole YD becomes greater than the YY transformer, and the YY transformer zero-mode inrush current rises from 0. It is also analyzed that the sympathetic interaction will make the attenuation of the converter transformer zero-mode inrush current slower. The system resistance mainly affects the initial attenuation speed, and the later attenuation speed is mainly determined by the converter transformer leakage reactance. Finally, PSCAD modeling and simulation are carried out to verify the accuracy of the theoretical analysis.