Biblio

Searchable symmetric encryption (SSE) is an important technique for cloud computing. SSE allows encrypted critical data stored on an untrusted cloud server to be searched using keywords, returning correct data, but the keywords and data content are unknown by the server. However, an SSE database is not practical because the data is generally frequently modified even when stored on a remote server, since the server cannot update the encrypted data without decryption. Dynamic searchable symmetric encryption (DSSE) is designed to support this requirement. DSSE allows adding or deleting encrypted data on the server without decryption. Many DSSE systems have been proposed, based on link-list structures or blind storage (a new primitive). Each has advantages and drawbacks regarding function, extensibility, and efficiency. For a real system, the most important aspect is the tradeoff between performance and security. Therefore, we implemented several DSSE systems to compare their efficiency and security, and identify the various disadvantages with a view to developing an improved system.

We consider a cloud-based control architecture for a linear plant with Gaussian process noise, where the state of the plant contains a client's sensitive information. We assume that the cloud tries to estimate the state while executing a designated control algorithm. The mutual information between the client's actual state and the cloud's estimate is adopted as a measure of privacy loss. We discuss the necessity of uplink and downlink privacy masks. After observing that privacy is not necessarily a monotone function of the noise levels of privacy masks, we discuss the joint design procedure for uplink and downlink privacy masks. Finally, the trade-off between privacy and control performance is explored.

The fast advancement in the last two decades proposed a new challenge in security. In addition, the methods used to secure information are drawing more attention and under intense investigation by researchers around the globe. However, securing data is a very hard task, due to the escalation of threat levels. Several technologies and techniques developed and used to secure data throughout communication or by direct access to the information as an example encryption techniques and authentication techniques. A most recent development methods used to enhance security is by using human biometric characteristics such as thumb, hand, eye, cornea, and DNA; to enforce the security of a system toward higher level, human DNA is a promising field and human biometric characteristics can enhance the security of any system using biometric features for authentication. Furthermore, the proposed methods does not fulfil or present the ultimate solution toward tightening the system security. However, one of the proposed solutions enroll a technique to encrypt the biometric characteristic using a well-known cryptosystem technique. In this paper, an overview presented on the benefits of incorporating a human DNA based security systems and the overall effect on how such systems enhance the security of a system. In addition, an algorithm is proposed for practical application and the implementation discussed briefly.

Biometrics manages the computerized acknowledgment of people dependent on natural and social attributes. The example acknowledgment framework perceives an individual by deciding the credibility of a particular conduct normal for person. The primary rule of biometric framework is recognizable proof and check. A biometric confirmation framework use fingerprints, face, hand geometry, iris, and voice, mark, and keystroke elements of a person to recognize an individual or to check a guaranteed character. Biometrics authentication is a form of identification and access control process which identify individuals in packs that are under reconnaissance. Biometric security system increase in the overall security and individuals no longer have to deal with lost ID Cards or forgotten passwords. It helps much organization to see everyone is at a certain time when something might have happened that needs reviewed. The current issues in biometric system with individuals and many organization facing are personal privacy, expensive, data's may be stolen.

In the modern security-conscious world, Deep Packet Inspection (DPI) proxies are increasingly often used on industrial and enterprise networks to perform TLS unwrapping on all outbound connections. However, enabling TLS unwrapping requires local devices to have the DPI proxy Certificate Authority certificates installed. While for conventional computing devices this is addressed via enterprise management, it's a difficult problem for Internet of Things ("IoT") devices which are generally not under enterprise management, and may not even be capable of it due to their resource-constrained nature. Thus, for typical IoT devices, being installed on a network with DPI requires either manual device configuration or custom DPI proxy configuration, both of which solutions have significant shortcomings. This poses a serious challenge to the deployment of IoT devices on DPI-enabled intranets. The authors propose a solution to this problem: a method of installing on IoT devices the CA certificates for DPI proxy CAs, as well as other security configuration ("security bootstrapping"). The proposed solution respects the DPI policies, while allowing the commissioning of IoT and IIoT devices without the need for additional manual configuration either at device scope or at network scope. This is accomplished by performing the bootstrap operation over unsecured connection, and downloading certificates using TLS validation at application level. The resulting solution is light-weight and secure, yet does not require validation of the DPI proxy's CA certificates in order to perform the security bootstrapping, thus avoiding the chicken-and-egg problem inherent in using TLS on DPI-enabled intranets.

Malware analysis and detection based on it is very important factor in the computer security. Despite of the enormous effort of companies making anti-malware solutions, it is usually not possible to respond to new malware in time and some computers will get infected. This shortcoming could be partially mitigated through using behavioral malware analysis. This work is aimed towards machine learning algorithms comparison for the behavioral malware analysis purposes.

Bio-modalities are ideal for user authentication in Medical Cyber-Physical Systems. Various forms of bio-modalities, such as the face, iris, fingerprint, are commonly used for secure user authentication. Concurrently, various spoofing approaches have also been developed over time which can fail traditional bio-modality detection systems. Image synthesis with play-doh, gelatin, ecoflex etc. are some of the ways used in spoofing bio-identifiable property. Since the bio-modality detection sensors are small and resource constrained, heavy-weight detection mechanisms are not suitable for these sensors. Recently, Fog based architectures are proposed to support sensor management in the Medical Cyber-Physical Systems (MCPS). A thin software client running in these resource-constrained sensors can enable communication with fog nodes for better management and analysis. Therefore, we propose a fog-based security application to detect bio-modality spoofing in a Fog based MCPS. In this regard, we propose a machine learning based security algorithm run as an application at the fog node using a binarized multi-factor boosted ensemble learner algorithm coupled with feature selection. Our proposal is verified on real datasets provided by the Replay Attack, Warsaw and LiveDet 2015 Crossmatch benchmark for face, iris and fingerprint modality spoofing detection used for authentication in an MCPS. The experimental analysis shows that our approach achieves significant performance gain over the state-of-the-art approaches.

In this paper, we propose a video surveillance system based on blockchain system. The proposed system consists of a blockchain network with trusted internal managers. The metadata of the video is recorded on the distributed ledger of the blockchain, thereby blocking the possibility of forgery of the data. The proposed architecture encrypts and stores the video, creates a license within the blockchain, and exports the video. Since the decryption key for the video is managed by the private DB of the blockchain, it is not leaked by the internal manager unauthorizedly. In addition, the internal administrator can manage and export videos safely by exporting the license generated in the blockchain to the DRM-applied video player.

Machine learning experts prefer to think of their input as a single, homogeneous, and consistent data set. However, when analyzing large volumes of data, the entire data set may not be manageable on a single server, but must be stored on a distributed file system instead. Moreover, with the pressing demand to deliver explainable models, the experts may no longer focus on the machine learning algorithms in isolation, but must take into account the distributed nature of the data stored, as well as the impact of any data pre-processing steps upstream in their data analysis pipeline. In this paper, we make the point that even basic transformations during data preparation can impact the model learned, and that this is exacerbated in a distributed setting. We then sketch our vision of end-to-end explainability of the model learned, taking the pre-processing into account. In particular, we point out the potentials of linking the contributions of research on data provenance with the efforts on explainability in machine learning. In doing so, we highlight pitfalls we may experience in a distributed system on the way to generating more holistic explanations for our machine learning models.

This paper considers the use of novel technologies for mitigating attacks that aim at compromising intrusion detection systems (IDSs). Solutions based on collaborative intrusion detection networks (CIDNs) could increase the resilience against such attacks as they allow IDS nodes to gain knowledge from each other by sharing information. However, despite the vast research in this area, trust management issues still pose significant challenges and recent works investigate whether these could be addressed by relying on blockchain and related distributed ledger technologies. Towards that direction, the paper proposes the use of a trust-based blockchain in CIDNs, referred to as trust-chain, to protect the integrity of the information shared among the CIDN peers, enhance their accountability, and secure their collaboration by thwarting insider attacks. A consensus protocol is proposed for CIDNs, which is a combination of a proof-of-stake and proof-of-work protocols, to enable collaborative IDS nodes to maintain a reliable and tampered-resistant trust-chain.

In trying to lower the costs of integrated circuit (IC) fabrication, the IC supply chain is becoming global. However, if the foundry or the supply chain, to which the fabrication process is outsourced, is not reliable or trustworthy, it may result in the quality of ICs being compromised. There have been well documented instances of counterfeit chips, and chips secretly implanted with Trojans, creeping into the supply chain. With the above background in mind, we propose to strengthen the supply chain process by attempting to use a very secure technique which has been widely used in many other fields, namely, the blockchain technology. Blockchain, first introduced for the security and mining of bitcoins, is one of the most trusted security techniques in today's world. In this paper, we propose a blockchain technology enabled `smart contract' approach for ensuring the security and trust of these ICs by tracking down the stage of alteration at which the chip may have been compromised in the IC supply chain.

Deception, both offensive and defensive, is a fundamental tactic in warfare and a well-studied topic in biology. Living organisms use a variety deception tools, including mimicry, camouflage, and nocturnality. Evolutionary biologists have published a variety of formal models for deception in nature. Deception in these models is fundamentally based on misclassification of signals between the entities of the system, represented as a tripartite relation between two signal senders, the “model” and the “mimic”, and a signal receiver, called the “dupe”. Examples of relations between entities include attraction, repulsion and expected advantage gained or lost from the interaction. Using this representation, a multitude of deception systems can be described. Some deception systems in cybersecurity are well-known. Consider, for example, all of the many different varieties of “honey-things” used to ensnare attackers. The study of deception in cybersecurity is limited compared to the richness found in biology. While multiple ontologies of deception in cyberenvironments exist, these are primarily lists of terms without a greater organizing structure. This is both a lost opportunity and potentially quite dangerous: a lost opportunity because defenders may be missing useful defensive deception strategies; dangerous because defenders may be oblivious to ongoing attacks using previously unidentified types of offensive deception. In this paper, we extend deception models from biology to present a framework for identifying relations in the cyber-realm analogous to those found in nature. We show how modifications of these relations can create, enhance or on the contrary prevent deception. From these relations, we develop a framework of cyber-deception types, with examples, and a general model for cyber-deception. The signals used in cyber-systems, which are not directly tied to the “Natural” world, differ significantly from those utilized in biologic mimicry systems. However, similar concepts supporting identity exist and are discussed in brief.

Several efforts are currently active in dealing with scenarios combining fog, cloud computing, out of which a significant proportion is devoted to control, and manage the resulting scenario. Certainly, although many challenging aspects must be considered towards the design of an efficient management solution, it is with no doubt that whatever the solution is, the quality delivered to the users when executing services and the security guarantees provided to the users are two key aspects to be considered in the whole design. Unfortunately, both requirements are often non-convergent, thus making a solution suitably addressing both aspects is a challenging task. In this paper, we propose a decoupled transversal security strategy, referred to as DCF, as a novel architectural oriented policy handling the QoS-Security trade-off, particularly designed to be applied to combined fog-to-cloud systems, and specifically highlighting its impact on the delivered QoS.

Software Defined Networking (SDN) technology increases the evolution of Internet and network development. SDN, with its logical centralization of controllers and global network overview changes the network's characteristics, on term of flexibility, availability and programmability. However, this development increased the network communication security challenges. To enhance the SDN security, we propose the BCFR solution to avoid false flow rules injection in SDN data layer devices. In this solution, we use the blockchain technology to provide the controller authentication and the integrity of the traffic flow circulated between the controller and the other network elements. This work is implemented using OpenStack platform and Onos controller. The evaluation results show the effectiveness of our proposal.

Physical-layer security (PLS) has raised the attention of the research community in recent years, particularly for Internet of things (IoT) applications. Despite the use of classical cryptography, PLS provides security at physical layer, regardless of the computational power owned by the attacker. The investigations on PLS are numerous in the literature, but one main issue seems to be kept apart: how to measure the benefit that PLS can bring to cryptography? This paper tries to answer this question with an initial performance analysis of PLS in conjunction with typical cryptography of wireless communication protocols. Our results indicate that PLS can help cryptography to harden the attacker job in real operative scenario: PLS can increase the detection errors at the attacker's receiver, leading to inability to recover the cipher key, even if the plaintext is known.

Software Defined Networking (SDN) is an emerging architecture providing services on a priority basis for real-time communication, by pulling out the intelligence from the hardware and developing a better management system for effective networking. Denial of service (DoS) attacks pose a significant threat to SDN, as it can disable the genuine hosts and routers by exhausting their resources. It is thus vital to provide efficient traffic management, both at the data layer and the control layer, thereby becoming more responsive to dynamic network threats such as DoS. Existing DoS prevention and mitigation models for SDN are computationally expensive and are slow to react. This paper introduces a novel biologically inspired architecture for SDN to detect DoS flooding attacks. The proposed biologically inspired architecture utilizes the concepts of the human immune system to provide a robust solution against DoS attacks in SDNs. The two layer immune inspired framework, viz innate layer and adaptive layer, is initiated at the data layer and the control layer of SDN, respectively. The proposed model is reactive and lightweight for DoS mitigation in SDNs.

Generating adversarial samples is gathering much attention as an intuitive approach to evaluate the robustness of learning models. Extensive recent works have demonstrated that numerous advanced image classifiers are defenseless to adversarial perturbations in the white-box setting. However, the white-box setting assumes attackers to have prior knowledge of model parameters, which are generally inaccessible in real world cases. In this paper, we concentrate on the hard-label black-box setting where attackers can only pose queries to probe the model parameters responsible for classifying different images. Therefore, the issue is converted into minimizing non-continuous function. A black-box approach is proposed to address both massive queries and the non-continuous step function problem by applying a combination of a linear fine-grained search, Fibonacci search, and a zeroth order optimization algorithm. However, the input dimension of a image is so high that the estimation of gradient is noisy. Hence, we adopt a zeroth-order optimization method in high dimensions. The approach converts calculation of gradient into a linear regression model and extracts dimensions that are more significant. Experimental results illustrate that our approach can relatively reduce the amount of queries and effectively accelerate convergence of the optimization method.

In this paper, we focuses on an access control issue in the Internet of Things (IoT). Generally, we firstly propose a decentralized IoT system based on blockchain. Then we establish a secure fine-grained access control strategies for users, devices, data, and implement the strategies with smart contract. To trigger the smart contract, we design different transactions. Finally, we use the multi-index table struct for the access right's establishment, and store the access right into Key-Value database to improve the scalability of the decentralized IoT system. In addition, to improve the security of the system we also store the access records on the blockchain and database.

The technological evolution brought by the Internet of things (IoT) comes with new forms of cyber-attacks exploiting the complexity and heterogeneity of IoT networks, as well as, the existence of many vulnerabilities in IoT devices. The detection of compromised devices, as well as the collection and preservation of evidence regarding alleged malicious behavior in IoT networks, emerge as areas of high priority. This paper presents a blockchain-based solution, which is designed for the smart home domain, dealing with the collection and preservation of digital forensic evidence. The system utilizes a private forensic evidence database, where the captured evidence is stored, along with a permissioned blockchain that allows providing security services like integrity, authentication, and non-repudiation, so that the evidence can be used in a court of law. The blockchain stores evidences' metadata, which are critical for providing the aforementioned services, and interacts via smart contracts with the different entities involved in an investigation process, including Internet service providers, law enforcement agencies and prosecutors. A high-level architecture of the blockchain-based solution is presented that allows tackling the unique challenges posed by the need for digitally handling forensic evidence collected from IoT networks.

Deep machine learning techniques have shown promising results in network traffic classification, however, the robustness of these techniques under adversarial threats is still in question. Deep machine learning models are found vulnerable to small carefully crafted adversarial perturbations posing a major question on the performance of deep machine learning techniques. In this paper, we propose a black-box adversarial attack on network traffic classification. The proposed attack successfully evades deep machine learning-based classifiers which highlights the potential security threat of using deep machine learning techniques to realize autonomous networks.

Underwater wireless communication is a critical and challenging research area wherein acoustic signals are used to transfer data. The Underwater Wireless Sensor Network (UWSN) is used to transmit data sensed by the sensors in the sea bed to the surface sinks through intermediate nodes for seismic surveillance, border security and underwater environment monitoring applications. The nodes comprising of UWSN are battery operated and are subjected to failures leading to connectivity loss. And the propagation delay in sending the data in the form of acoustic signals is found to be high and as the depth increases the transmission delay also increases. Hence, routing in UWSN is a complex problem. The simulation experiments of the delay sensitive protocols are found to minimize the delay at the expense of network throughput which is not acceptable. The energy aware routing protocols on the other hand reduces energy consumption and routing overhead but has high delay involved in transmission. In this study, transmission delay and reliability estimation models are developed using which bi-objective routing model is proposed considering both delay and reliability in route selection. In the simulation studies, the bi-objective model reduced delay on an average by 9% and the reliability of the network is improved by 34% when compared to the delay sensitive and reliable routing strategies.

The Internet of Things (IoT) visualizes a massive network with billions of interaction among smart things which are capable of contributing all sorts of services. Self-configuring things (nodes) are connected dynamically with a global network in IoT scenario. The small things are widely spread in a real world paradigm with minimal processing capacity and limited storage. The recent IoT technologies have more concerns about the security, privacy and reliability. Sharing personal data over the centralized system still remains as a challenging task. If the infrastructure is able to provide the assurance for transferring the data but for now it requires special attention on security and data consistency. Because, centralized system and infrastructure is viewed as a more attractive point for hacker or cyber-attacker. To solve this we present a secured smart contract based on Blockchain to develop a secured communicative network. A Hash based secret key is used for encryption and decryption purposes. A demo attack is done for developing a better understanding on blockchain technology in terms of their comparison and calculation.

Physically Unclonable Functions (PUFs) promise to be a critical hardware primitive to provide unique identities to billions of connected devices in Internet of Things (IoTs). In traditional authentication protocols a user presents a set of credentials with an accompanying proof such as password or digital certificate. However, IoTs need more evolved methods as these classical techniques suffer from the pressing problems of password dependency and inability to bind access requests to the “things” from which they originate. Additionally, the protocols need to be lightweight and heterogeneous. Although PUFs seem promising to develop such mechanism, it puts forward an open problem of how to develop such mechanism without needing to store the secret challenge-response pair (CRP) explicitly at the verifier end. In this paper, we develop an authentication and key exchange protocol by combining the ideas of Identity based Encryption (IBE), PUFs and Key-ed Hash Function to show that this combination can help to do away with this requirement. The security of the protocol is proved formally under the Session Key Security and the Universal Composability Framework. A prototype of the protocol has been implemented to realize a secured video surveillance camera using a combination of an Intel Edison board, with a Digilent Nexys-4 FPGA board consisting of an Artix-7 FPGA, together serving as the IoT node. We show, though the stand-alone video camera can be subjected to man-in-the-middle attack via IP-spoofing using standard network penetration tools, the camera augmented with the proposed protocol resists such attacks and it suits aptly in an IoT infrastructure making the protocol deployable for the industry.

This paper introduces a secured and distributed Big Data storage scheme with multiple authorizations. It divides the Big Data into small chunks and distributes them through multiple Cloud locations. The Shamir's Secret Sharing and Secure Hash Algorithm are employed to provide the security and authenticity of this work. The proposed methodology consists of two phases: the distribution and retrieving phases. The distribution phase comprises three operations of dividing, encrypting, and distribution. The retrieving phase performs collecting and verifying operations. To increase the security level, the encryption key is divided into secret shares using Shamir's Algorithm. Moreover, the Secure Hash Algorithm is used to verify the Big Data after retrieving from the Cloud. The experimental results show that the proposed design can reconstruct a distributed Big Data with good speed while conserving the security and authenticity properties.

The Dark Web, a conglomerate of services hidden from search engines and regular users, is used by cyber criminals to offer all kinds of illegal services and goods. Multiple Dark Web offerings are highly relevant for the cyber security domain in anticipating and preventing attacks, such as information about zero-day exploits, stolen datasets with login information, or botnets available for hire. In this work, we analyze and discuss the challenges related to information gathering in the Dark Web for cyber security intelligence purposes. To facilitate information collection and the analysis of large amounts of unstructured data, we present BlackWidow, a highly automated modular system that monitors Dark Web services and fuses the collected data in a single analytics framework. BlackWidow relies on a Docker-based micro service architecture which permits the combination of both preexisting and customized machine learning tools. BlackWidow represents all extracted data and the corresponding relationships extracted from posts in a large knowledge graph, which is made available to its security analyst users for search and interactive visual exploration. Using BlackWidow, we conduct a study of seven popular services on the Deep and Dark Web across three different languages with almost 100,000 users. Within less than two days of monitoring time, BlackWidow managed to collect years of relevant information in the areas of cyber security and fraud monitoring. We show that BlackWidow can infer relationships between authors and forums and detect trends for cybersecurity-related topics. Finally, we discuss exemplary case studies surrounding leaked data and preparation for malicious activity.