Biblio

Primary user emulation (PUE) attack is one of the main threats affecting cognitive radio (CR) networks. The PUE can forge the same signal as the real primary user (PU) in order to use the licensed channel and cause deny of service (DoS). Therefore, it is important to locate the position of the PUE in order to stop and avoid any further attack. Several techniques have been proposed for localization, including the received signal strength indication RSSI, Triangulation, and Physical Network Layer Coding. However, the area surrounding the real PU is always affected by uncertainty. This uncertainty can be described as a lost (cost) function and conditional probability to be taken into consideration while proclaiming if a PU/PUE is the real PU or not. In this paper, we proposed a combination of a Bayesian model and trilateration technique. In the first part a trilateration technique is used to have a good approximation of the PUE position making use of the RSSI between the anchor nodes and the PU/PUE. In the second part, a Bayesian decision theory is used to claim the legitimacy of the PU based on the lost function and the conditional probability to help to determine the existence of the PUE attacker in the uncertainty area.

as data size is growing up, cloud storage is becoming more familiar to store a significant amount of private information. Government and private organizations require transferring plenty of business files from one end to another. However, we will lose privacy if we exchange information without data encryption and communication mechanism security. To protect data from hacking, we can use Asymmetric encryption technique, but it has a key exchange problem. Although Asymmetric key encryption deals with the limitations of Symmetric key encryption it can only encrypt limited size of data which is not feasible for a large amount of data files. In this paper, we propose a probabilistic approach to Pretty Good Privacy technique for encrypting large-size data, named as ``BigCrypt'' where both Symmetric and Asymmetric key encryption are used. Our goal is to achieve zero tolerance security on a significant amount of data encryption. We have experimentally evaluated our technique under three different platforms.

Block recursive least square (BRLS) algorithm for dictionary learning in compressed sensing system is developed for surveillance video processing. The new method uses image blocks directly and iteratively to train dictionaries via BRLS algorithm, which is different from classical methods that require to transform blocks to columns first and then giving all training blocks at one time. Since the background in surveillance video is almost fixed, the residual of foreground can be represented sparsely and reconstructed with background subtraction directly. The new method and framework are applied in real image and surveillance video processing. Simulation results show that the new method achieves better representation performance than classical ones in both image and surveillance video.

Recent years have witnessed the trend of increasingly relying on distributed infrastructures. This increased the number of reported incidents of security breaches compromising users' privacy, where third parties massively collect, process and manage users' personal data. Towards these security and privacy challenges, we combine hierarchical identity based cryptographic mechanisms with emerging blockchain infrastructures and propose a blockchain-based data usage auditing architecture ensuring availability and accountability in a privacy-preserving fashion. Our approach relies on the use of auditable contracts deployed in blockchain infrastructures. Thus, it offers transparent and controlled data access, sharing and processing, so that unauthorized users or untrusted servers cannot process data without client's authorization. Moreover, based on cryptographic mechanisms, our solution preserves privacy of data owners and ensures secrecy for shared data with multiple service providers. It also provides auditing authorities with tamper-proof evidences for data usage compliance.

The indoor air quality in industrial workplace buildings, e.g. air temperature, humidity and levels of carbon dioxide (CO2), play a critical role in the perceived levels of workers' comfort and in reported medical health. CO2 can act as an oxygen displacer, and in confined spaces humans can have, for example, reactions of dizziness, increased heart rate and blood pressure, headaches, and in more serious cases loss of consciousness. Specialized organizations can be brought in to monitor the work environment for limited periods. However, new low cost wireless sensor network (WSN) technologies offer potential for more continuous and autonomous assessment of industrial workplace air quality. Central to effective decision making is the data analytics approach and visualization of what is potentially, big data (BD) in monitoring the air quality in industrial workplaces. This paper presents a case study that monitors air quality that is collected with WSN technologies. We discuss the potential BD problems. The case trials are from two workshops that are part of a large on-shore logistics base a regional shipping industry in Norway. This small case study demonstrates a monitoring and visualization approach for facilitating BD in decision making for health and safety in the shipping industry. We also identify other potential applications of WSN technologies and visualization of BD in the workplace environments; for example, for monitoring of other substances for worker safety in high risk industries and for quality of goods in supply chain management.

A mobile ad hoc network (MANET) is a collection of mobile nodes that do not need to rely on a pre-existing network infrastructure or centralized administration. Securing MANETs is a serious concern as current research on MANETs continues to progress. Each node in a MANET acts as a router, forwarding data packets for other nodes and exchanging routing information between nodes. It is this intrinsic nature that introduces the serious security issues to routing protocols. A black hole attack is one of the well-known security threats for MANETs. A black hole is a security attack in which a malicious node absorbs all data packets by sending fake routing information and drops them without forwarding them. In order to defend against a black hole attack, in this paper we propose a new threshold-based black hole attack prevention method. To investigate the performance of the proposed method, we compared it with existing methods. Our simulation results show that the proposed method outperforms existing methods from the standpoints of black hole node detection rate, throughput, and packet delivery rate.

In this paper, a general model for cyber-physical systems (CPSs), that captures the diffusion of attacks from the cyber layer to the physical system, is studied. In particular, a game-theoretic approach is proposed to analyze the interactions between one defender and one attacker over a CPS. In this game, the attacker launches cyber attacks on a number of cyber components of the CPS to maximize the potential harm to the physical system while the system operator chooses to defend a number of cyber nodes to thwart the attacks and minimize potential damage to the physical side. The proposed game explicitly accounts for the fact that both attacker and defender can have different computational capabilities and disparate levels of knowledge of the system. To capture such bounded rationality of attacker and defender, a novel approach inspired from the behavioral framework of cognitive hierarchy theory is developed. In this framework, the defender is assumed to be faced with an attacker that can have different possible thinking levels reflecting its knowledge of the system and computational capabilities. To solve the game, the optimal strategies of each attacker type are characterized and the optimal response of the defender facing these different types is computed. This general approach is applied to smart grid security considering wide area protection with energy markets implications. Numerical results show that a deviation from the Nash equilibrium strategy is beneficial when the bounded rationality of the attacker is considered. Moreover, the results show that the defender's incentive to deviate from the Nash equilibrium decreases when faced with an attacker that has high computational ability.

A fresh look at the way secure communications is currently being done has been undertaken as a consequence of the large hacking's that have taken place recently. A plausible option maybe a return to the future via Morse code using how a quantum bit (Qubit) reacts when entangled to suggest a cypher. This quantum cyphers uses multiple properties of unique entities that have many random radicals which makes hacking more difficult that traditional 'Rivest-Shamir-Adleman' (RSA), 'Digital Signature Algorithm' (DSA) or 'Elliptic Curve Digital Signature Algorithm' (ECDSA). Additional security is likely by Backchannelling (slipstreaming) Quantum Morse code (Q-Morse) keys composed of living and non-living entities. This means Blockchain ledger history (forwards-backwards) is audited during an active session. Verification keys are Backchannelling (slipstreaming) during the session (e.g. train driver must incrementally activate a switch otherwise the train stops) using predicted-expected sender-receiver properties as well as their past history of disconformities to random radicals encountered. In summary, Quantum Morse code (Q-Morse) plausibly is the enabler to additional security by Backchannelling (slipstreaming) during a communications session.

HDFS has been widely used for storing massive scale data which is vulnerable to site disaster. The file system backup is an important strategy for data retention. In this paper, we present an efficient, easy- to-use Backup and Disaster Recovery System for HDFS. The system includes a client based on HDFS with additional feature of remote backup, and a remote server with a HDFS cluster to keep the backup data. It supports full backup and regularly incremental backup to the server with very low cost and high throughout. In our experiment, the average speed of backup and recovery is up to 95 MB/s, approaching the theoretical maximum speed of gigabit Ethernet.

General sparse matrix-matrix multiplication (SpGEMM) is a core component of many algorithms. A number of recent works have used high throughput graphics processing units (GPUs) to accelerate SpGEMM. However, exploiting the power of GPUs for SpGEMM requires addressing a number of challenges, including highly imbalanced workloads and large numbers of inefficient random global memory accesses. This paper presents a SpGEMM algorithm which uses several novel techniques to overcome these problems. We first propose two low cost methods to achieve perfect load balancing during the most expensive step in SpGEMM. Next, we show how to eliminate nearly all random global memory accesses using shared memory based hash tables. To optimize the performance of the hash tables, we propose a lightweight method to estimate the number of nonzeros in the output matrix. We compared our algorithm to the CUSP, CUSPARSE and the state-of-the-art BHSPARSE GPU SpGEMM algorithms, and show that it performs 5.6x, 2.4x and 1.5x better on average, and up to 11.8x, 9.5x and 2.5x better in the best case, respectively. Furthermore, we show that our algorithm performs especially well on highly imbalanced and unstructured matrices.

Internet Engineering Task Force (IETF) is working on 6LoW-PAN standard which allows smart devices to be connected to Internet using large address space of IPV6. 6LoWPAN acts as a bridge between resource constrained devices and the Internet. The entire IoT space is vulnerable to local threats as well as the threats from the Internet. Due to the random deployment of the network nodes and the absence of tamper resistant shield, the resource constrained IoT elements face potential insider attacks even in presence of front line defense mechanism that involved cryptographic protocols. To detect such insidious nodes, an Intrusion Detection System (IDS) is required as a second line of defense. In this paper, we attempt to analyze such potential insider attacks, while reviewing the IDS based countermeasures. We attempt to propose a baseline for designing IDS for 6LoWPAN based IoT system.

The Security Behavior Intentions Scale (SeBIS) measures the computer security attitudes of end-users. Because intentions are a prerequisite for planned behavior, the scale could therefore be useful for predicting users' computer security behaviors. We performed three experiments to identify correlations between each of SeBIS's four sub-scales and relevant computer security behaviors. We found that testing high on the awareness sub-scale correlated with correctly identifying a phishing website; testing high on the passwords sub-scale correlated with creating passwords that could not be quickly cracked; testing high on the updating sub-scale correlated with applying software updates; and testing high on the securement sub-scale correlated with smartphone lock screen usage (e.g., PINs). Our results indicate that SeBIS predicts certain computer security behaviors and that it is a reliable and valid tool that should be used in future research.

Despite decades of effort to combat spam, unwanted and even malicious emails, such as phish which aim to deceive recipients into disclosing sensitive information, still routinely find their way into one’s mailbox. To be sure, email filters manage to stop a large fraction of spam emails from ever reaching users, but spammers and phishers have mastered the art of filter evasion, or manipulating the content of email messages to avoid being filtered. We present a unique behavioral experiment designed to study email filter evasion. Our experiment is framed in somewhat broader terms: given the widespread use of machine learning methods for distinguishing spam and non-spam, we investigate how human subjects manipulate a spam template to evade a classification-based filter. We find that adding a small amount of noise to a filter significantly reduces the ability of subjects to evade it, observing that noise does not merely have a short-term impact, but also degrades evasion performance in the longer term. Moreover, we find that greater coverage of an email template by the classifier (filter) features significantly increases the difficulty of evading it. This observation suggests that aggressive feature reduction—a common practice in applied machine learning—can actually facilitate evasion. In addition to the descriptive analysis of behavior, we develop a synthetic model of human evasion behavior which closely matches observed behavior and effectively replicates experimental findings in simulation.

Cyber-physical systems (CPS) are often network integrated to enable remote management, monitoring, and reporting. Such integration has made them vulnerable to cyber attacks originating from an untrusted network (e.g., the internet). Once an attacker breaches the network security, he could corrupt operations of the system in question, which may in turn lead to catastrophes. Hence there is a critical need to detect intrusions into mission-critical CPS. Signature based detection may not work well for CPS, whose complexity may preclude any succinct signatures that we will need. Specification based detection requires accurate definitions of system behaviour that similarly can be hard to obtain, due to the CPS's complexity and dynamics, as well as inaccuracies and incompleteness of design documents or operation manuals. Formal models, to be tractable, are often oversimplified, in which case they will not support effective detection. In this paper, we study a behaviour-based machine learning (ML) approach for the intrusion detection. Whereas prior unsupervised ML methods have suffered from high missed detection or false-positive rates, we use a high-fidelity CPS testbed, which replicates all main physical and control components of a modern water treatment facility, to generate systematic training data for a supervised method. The method does not only detect the occurrence of a cyber attack at the physical process layer, but it also identifies the specific type of the attack. Its detection is fast and robust to noise. Furthermore, its adaptive system model can learn quickly to match dynamics of the CPS and its operating environment. It exhibits a low false positive (FP) rate, yet high precision and recall.

We propose a new voting scheme, BeleniosRF, that offers both receipt-freeness and end-to-end verifiability. It is receipt-free in a strong sense, meaning that even dishonest voters cannot prove how they voted. We provide a game-based definition of receipt-freeness for voting protocols with non-interactive ballot casting, which we name strong receipt-freeness (sRF). To our knowledge, sRF is the first game-based definition of receipt-freeness in the literature, and it has the merit of being particularly concise and simple. Built upon the Helios protocol, BeleniosRF inherits its simplicity and does not require any anti-coercion strategy from the voters. We implement BeleniosRF and show its feasibility on a number of platforms, including desktop computers and smartphones.

WSN is a collection of tiny nodes that used to absorb the natural phenomenon from the operational environment and send it to the control station to extract the useful information. In most of the Existing Systems, the assumption is that the operational environment of the sensor nodes deployed is trustworthy and secure by means of some cryptographic operations and existing trust model. But in the reality it is not the case. Most of the existing systems lacks in providing reliable security to the sensor nodes. To overcome the above problem, in this paper, Beta Reputation and Direct Trust Model (BRDT) is the combination of Direct Trust and Beta Reputation Trust for secure communication in Wireless Sensor Networks. This model is used to perform secure routing in WSN. Overall, the method provides an efficient trust in WSN compared to existing methods.

In this study, we report on techniques and analyses that enable us to capture Internet-wide activity at individual IP address-level granularity by relying on server logs of a large commercial content delivery network (CDN) that serves close to 3 trillion HTTP requests on a daily basis. Across the whole of 2015, these logs recorded client activity involving 1.2 billion unique IPv4 addresses, the highest ever measured, in agreement with recent estimates. Monthly client IPv4 address counts showed constant growth for years prior, but since 2014, the IPv4 count has stagnated while IPv6 counts have grown. Thus, it seems we have entered an era marked by increased complexity, one in which the sole enumeration of active IPv4 addresses is of little use to characterize recent growth of the Internet as a whole. With this observation in mind, we consider new points of view in the study of global IPv4 address activity. Our analysis shows significant churn in active IPv4 addresses: the set of active IPv4 addresses varies by as much as 25% over the course of a year. Second, by looking across the active addresses in a prefix, we are able to identify and attribute activity patterns to networkm restructurings, user behaviors, and, in particular, various address assignment practices. Third, by combining spatio-temporal measures of address utilization with measures of traffic volume, and sampling-based estimates of relative host counts, we present novel perspectives on worldwide IPv4 address activity, including empirical observation of under-utilization in some areas, and complete utilization, or exhaustion, in others.

A major challenge of the existing attack detection approaches is the identification of relevant information to a particular situation, and the use of such information to perform multi-evidence intrusion detection. Addressing such a limitation requires integrating several aspects of context to better predict, avoid and respond to impending attacks. The quality and adequacy of contextual information is important to decrease uncertainty and correctly identify potential cyber-attacks. In this paper, a systematic methodology has been used to identify contextual dimensions that improve the effectiveness of detecting cyber-attacks. This methodology combines graph, probability, and information theories to create several context-based attack prediction models that analyze data at a high- and low-level. An extensive validation of our approach has been performed using a prototype system and several benchmark intrusion detection datasets yielding very promising results.

Computing researchers have long focused on improving energy-efficiency under the implicit assumption that all energy is created equal. Yet, this assumption is actually incorrect: energy's cost and carbon footprint vary substantially over time. As a result, consuming energy inefficiently when it is cheap and clean may sometimes be preferable to consuming it efficiently when it is expensive and dirty. Green datacenters adapt their energy usage to optimize for such variations, as reflected in changing electricity prices or renewable energy output. Thus, we introduce energy-agility as a new metric to evaluate green datacenter applications. To illustrate fundamental tradeoffs in energy-agile design, we develop GreenSort, a distributed sorting system optimized for energy-agility. GreenSort is representative of the long-running, massively-parallel, data-intensive tasks that are common in datacenters and amenable to delays from power variations. Our results demonstrate the importance of energy-agile design when considering the benefits of using variable power. For example, we show that GreenSort requires 31% more time and energy to complete when power varies based on real-time electricity prices versus when it is constant. Thus, in this case, real-time prices should be at least 31% lower than fixed prices to warrant using them.