Biblio

2021-06-24
Angermeir, Florian, Voggenreiter, Markus, Moyón, Fabiola, Mendez, Daniel.  2021.  Enterprise-Driven Open Source Software: A Case Study on Security Automation. 2021 IEEE/ACM 43rd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP). :278—287.
Agile and DevOps are widely adopted by the industry. Hence, integrating security activities with industrial practices, such as continuous integration (CI) pipelines, is necessary to detect security flaws and adhere to regulators’ demands early. In this paper, we analyze automated security activities in CI pipelines of enterprise-driven open source software (OSS). This shall allow us, in the long-run, to better understand the extent to which security activities are (or should be) part of automated pipelines. In particular, we mine publicly available OSS repositories and survey a sample of project maintainers to better understand the role that security activities and their related tools play in their CI pipelines. To increase transparency and allow other researchers to replicate our study (and to take different perspectives), we further disclose our research artefacts. Our results indicate that security activities in enterprise-driven OSS projects are scarce and protection coverage is rather low. Only 6.83% of the analyzed 8,243 projects apply security automation in their CI pipelines, even though maintainers consider security to be rather important. This alerts industry to keep the focus on vulnerabilities of 3rd Party software and it opens space for other improvements of practice which we outline in this manuscript.
2022-03-01
Huang, Shanshi, Peng, Xiaochen, Jiang, Hongwu, Luo, Yandong, Yu, Shimeng.  2021.  Exploiting Process Variations to Protect Machine Learning Inference Engine from Chip Cloning. 2021 IEEE International Symposium on Circuits and Systems (ISCAS). :1–5.
Machine learning inference engine is of great interest to smart edge computing. Compute-in-memory (CIM) architecture has shown significant improvements in throughput and energy efficiency for hardware acceleration. Emerging nonvolatile memory (eNVM) technologies offer great potentials for instant on and off by dynamic power gating. Inference engine is typically pre-trained by the cloud and then being deployed to the field. There is a new security concern on cloning of the weights stored on eNVM-based CIM chip. In this paper, we propose a countermeasure to the weight cloning attack by exploiting the process variations of the periphery circuitry. In particular, we use weight fine-tuning to compensate the analog-to-digital converter (ADC) offset for a specific chip instance while inducing significant accuracy drop for cloned chip instances. We evaluate our proposed scheme on a CIFAR-10 classification task using a VGG-8 network. Our results show that with precisely chosen transistor size on the employed SAR-ADC, we could maintain 88% to 90% accuracy for the fine-tuned chip while the same set of weights cloned on other chips will only have 20 to 40% accuracy on average. The weight fine-tune could be completed within one epoch of 250 iterations. On average only 0.02%, 0.025%, 0.142% of cells are updated for 2-bit, 4-bit, 8-bit weight precisions in each iteration.
2021-12-21
Li, Yan, Lu, Yifei, Li, Shuren.  2021.  EZAC: Encrypted Zero-Day Applications Classification Using CNN and K-Means. 2021 IEEE 24th International Conference on Computer Supported Cooperative Work in Design (CSCWD). :378–383.
With the rapid development of traffic encryption technology and the continuous emergence of various network services, the classification of encrypted zero-day applications has become a major challenge in network supervision. More seriously, many attackers will utilize zero-day applications to hide their attack behaviors and make attack undetectable. However, there are very few existing studies on zero-day applications. Existing works usually select and label zero-day applications from unlabeled datasets, and these are not true zero-day applications classification. To address the classification of zero-day applications, this paper proposes an Encrypted Zero-day Applications Classification (EZAC) method that combines Convolutional Neural Network (CNN) and K-Means, which can effectively classify zero-day applications. We first use CNN to classify the flows, and for the flows that may be zero-day applications, we use K-Means to divide them into several categories, which are then manually labeled. Experimental results show that the EZAC achieves 97.4% accuracy on a public dataset (CIC-Darknet2020), which outperforms the state-of-the-art methods.
2022-07-13
Nanjo, Yuki, Shirase, Masaaki, Kodera, Yuta, Kusaka, Takuya, Nogami, Yasuyuki.  2021.  Efficient Final Exponentiation for Pairings on Several Curves Resistant to Special TNFS. 2021 Ninth International Symposium on Computing and Networking (CANDAR). :48—55.
Pairings on elliptic curves are exploited for pairing-based cryptography, e.g., ID-based encryption and group signature authentication. For secure cryptography, it is important to choose the curves that have resistance to a special variant of the tower number field sieve (TNFS) that is an attack for the finite fields. However, for the pairings on several curves with embedding degree $k=\{10,11,13,14\}$ resistant to the special TNFS, efficient algorithms for computing the final exponentiation constructed by the lattice-based method have not been provided. For these curves, the authors present efficient algorithms with the calculation costs in this manuscript.
2022-04-13
Whittle, Cameron S., Liu, Hong.  2021.  Effectiveness of Entropy-Based DDoS Prevention for Software Defined Networks. 2021 IEEE International Symposium on Technologies for Homeland Security (HST). :1—7.
This work investigates entropy-based prevention of Distributed Denial-of-Service (DDoS) attacks for Software Defined Networks (SDN). The experiments are conducted on a virtual SDN testbed setup within Mininet, a Linux-based network emulator. An arms race iterates on the SDN testbed between offense, launching botnet-based DDoS attacks with progressive sophistications, and defense who is deploying SDN controls with emerging technologies from other facets of cyber engineering. The investigation focuses on the transmission control protocol’s synchronize flood attack that exploits vulnerabilities in the three-way TCP handshake protocol, to lock up a host from serving new users. The defensive strategy starts with a common packet filtering-based design from the literature to mitigate attacks. Utilizing machine learning algorithms, SDNs actively monitor all possible traffic as a collective dataset to detect DDoS attacks in real time. A constant upgrade to a stronger defense is necessary, as cyber/network security is an ongoing front where attackers always have the element of surprise. The defense further invests on entropy methods to improve early detection of DDoS attacks within the testbed environment. Entropy allows SDNs to learn the expected normal traffic patterns for a network as a whole using real time mathematical calculations, so that the SDN controllers can sense the distributed attack vectors building up before they overwhelm the network. This work reveals the vulnerabilities of SDNs to stealthy DDoS attacks and demonstrates the effectiveness of deploying entropy in SDN controllers for detection and mitigation purposes. Future work includes provisions to use these entropy detection methods, as part of a larger system, to redirect traffic and protect networks dynamically in real time. Other types of DoS, such as ransomware, will also be considered.
2022-05-20
Chen, Zhaohui, Karabulut, Emre, Aysu, Aydin, Ma, Yuan, Jing, Jiwu.  2021.  An Efficient Non-Profiled Side-Channel Attack on the CRYSTALS-Dilithium Post-Quantum Signature. 2021 IEEE 39th International Conference on Computer Design (ICCD). :583–590.
Post-quantum digital signature is a critical primitive of computer security in the era of quantum hegemony. As a finalist of the post-quantum cryptography standardization process, the theoretical security of the CRYSTALS-Dilithium (Dilithium) signature scheme has been quantified to withstand classical and quantum cryptanalysis. However, there is an inherent power side-channel information leakage in its implementation instance due to the physical characteristics of hardware. This work proposes an efficient non-profiled Correlation Power Analysis (CPA) strategy on Dilithium to recover the secret key by targeting the underlying polynomial multiplication arithmetic. We first develop a conservative scheme with a reduced key guess space, which can extract a secret key coefficient with a 99.99% confidence using 157 power traces of the reference Dilithium implementation. However, this scheme suffers from the computational overhead caused by the large modulus in Dilithium signature. To further accelerate the CPA run-time, we propose a fast two-stage scheme that selects a smaller search space and then resolves false positives. We finally construct a hybrid scheme that combines the advantages of both schemes. Real-world experiment on the power measurement data shows that our hybrid scheme improves the attack’s execution time by 7.77×.
2022-08-26
Sahoo, Siva Satyendra, Kumar, Akash, Decky, Martin, Wong, Samuel C.B., Merrett, Geoff V., Zhao, Yinyuan, Wang, Jiachen, Wang, Xiaohang, Singh, Amit Kumar.  2021.  Emergent Design Challenges for Embedded Systems and Paths Forward: Mixed-criticality, Energy, Reliability and Security Perspectives: Special Session Paper. 2021 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS). :1–10.
Modern embedded systems need to cater for several needs depending upon the application domain in which they are deployed. For example, mixed-criticality needs to be considered for real-time and safety-critical systems and energy for battery-operated systems. At the same time, many of these systems demand for their reliability and security as well. With electronic systems being used for increasingly varying type of applications, novel challenges have emerged. For example, with the use of embedded systems in increasingly complex applications that execute tasks with varying priorities, mixed-criticality systems present unique challenges to designing reliable systems. The large design space involved in implementing cross-layer reliability in heterogeneous systems, particularly for mixed-critical systems, poses new research problems. Further, malicious security attacks on these systems pose additional extraordinary challenges in the system design. In this paper, we cover both the industry and academia perspectives of the challenges posed by these emergent aspects of system design towards designing high-performance, energy-efficient, reliable and/or secure embedded systems. We also provide our views on paths forward.
2022-07-05
Bae, Jin Hee, Kim, Minwoo, Lim, Joon S..  2021.  Emotion Detection and Analysis from Facial Image using Distance between Coordinates Feature. 2021 International Conference on Information and Communication Technology Convergence (ICTC). :494—497.
Facial expression recognition has long been established as a subject of continuous research in various fields. In this study, feature extraction was conducted by calculating the distance between facial landmarks in an image. The extracted features of the relationship between each landmark and analysis were used to classify five facial expressions. We increased the data and label reliability based on our labeling work with multiple observers. Additionally, faces were recognized from the original data, and landmark coordinates were extracted and used as features. A genetic algorithm was used to select features that were relatively more helpful for classification. We performed facial recognition classification and analysis using the method proposed in this study, which showed the validity and effectiveness of the proposed method.
2022-07-14
Kaur, Amanpreet, Singh, Gurpreet.  2021.  Encryption Algorithms based on Security in IoT (Internet of Things). 2021 6th International Conference on Signal Processing, Computing and Control (ISPCC). :482–486.
The Internet is evolving everywhere and expanding its entity globally. The IoT (Internet of Things) is a new and interesting concept introduced in this world of internet. Generally it is interconnected computing device which can be embedded in our daily routine objects through which we can send and receive data. It is beyond connecting computers and laptops only although it can connect billions of devices. It can be described as reliable method of communication that also makes use of other technologies like wireless sensor, QR code etc. IoT (Internet of Things) is making everything smart with use of technology like smart homes, smart cities, smart watches. In this chapter, we will study the security algorithms in IoT (Internet of Things) which can be achieved with encryption process. In the world of IoT, data is more vulnerable to threats. So as to protect data integrity, data confidentiality, we have Light weight Encryption Algorithms like symmetric key cryptography and public key cryptography for secure IoT (Internet of Things) named as Secure IoT. Because it is not convenient to use full encryption algorithms that require large memory size, large program code and larger execution time. Light weight algorithms meet all resource constraints of small memory size, less execution time and efficiency. The algorithms can be measured in terms of key size, no of blocks and algorithm structure, chip size and energy consumption. Light Weight Techniques provide security to smart object networks and also provide efficiency. In Symmetric Key Cryptography, two parties can have identical keys but has some practical difficulty. Public Key Cryptography uses both private and public key which are related to each other. Public key is known to everyone while private key is kept secret. Public Key cryptography method is based on mathematical problems. So, to implement this method, one should have a great expertise.
2022-06-09
Khalimov, Gennady, Sievierinov, Oleksandr, Khalimova, Svitlana, Kotukh, Yevgen, Chang, Sang-Yoon, Balytskyi, Yaroslav.  2021.  Encryption Based on the Group of the Hermitian Function Field and Homomorphic Encryption. 2021 IEEE 8th International Conference on Problems of Infocommunications, Science and Technology (PIC S&T). :465–469.
The article proposes a general approach to the implementation of encryption schemes based on the group of automorphisms of the Hermitian functional field. The three-parameter group is used with logarithmic captions outside the center of the group. This time we applied for an encryption scheme based on a Hermitian function field with homomorphic encryption. The use of homomorphic encryption is an advantage of this implementation. The complexity of the attack and the size of the encrypted message depends on the strength of the group.
2022-09-16
Kaur, Satwinder, Kuttan, Deepak B, Mittal, Nitin.  2021.  An Energy-saving Approach for Error control Codes in Wireless Sensor Networks. 2021 2nd International Conference on Smart Electronics and Communication (ICOSEC). :313—316.
Wireless Sensor Networks (WSNs) have limited energy resource which requires authentic data transmission at a minimum cost. The major challenge is to deploy WSN with limited energy and lifetime of nodes while taking care of secure data communication. The transmission of data from the wireless channels may cause many losses such as fading, noise, bit error rate increases as well as deplete the energy resource from the nodes. To reduce the adverse effects of losses and to save power usage, error control coding (ECC) techniques are widely used and it also brings coding gain. Since WSN have limited energy resource so the selection of ECC is very difficult as both power consumption, as well as BER, has also taken into consideration. This research paper reviews different types of models, their applications, limitations of the sensor networks, and what are different types of future works going to overcome the limitations.
2022-05-10
Riurean, Simona, Leba, Monica, Crivoi, Lilia.  2021.  Enhanced Security Level for Sensitive Medical Data Transmitted through Visible Light. 2021 International Symposium on Networks, Computers and Communications (ISNCC). :1–6.
The recent events regarding worldwide human health sped up research efforts and resulted in the tremendous development of new technologies and applications. The last decade proved that new technologies find a proper place in worldwide human health and wellbeing, therefore the security of data during wireless transmission in medical facilities and for medical devices has become a research area of considerable importance. To provide enhanced security using conventional visible light wireless communication, we propose in this paper a novel communication protocol based on asymmetric encryption with a private key. We base the wireless communication protocol described in this work on a data encryption method using block ciphers, and we propose it for medical facilities and devices with visible light transmission technology embedded. The asymmetric encryption with a private key algorithm, as part of a transmission protocol, aims to assure the security of sensitive medical data during wireless communication.
Ahakonye, Love Allen Chijioke, Amaizu, Gabriel Chukwunonso, Nwakanma, Cosmas Ifeanyi, Lee, Jae Min, Kim, Dong-Seong.  2021.  Enhanced Vulnerability Detection in SCADA Systems using Hyper-Parameter-Tuned Ensemble Learning. 2021 International Conference on Information and Communication Technology Convergence (ICTC). :458–461.
The growth of inter-dependency intricacies of Supervisory Control and Data Acquisition (SCADA) systems in industrial operations generates a likelihood of increased vulnerability to malicious threats and machine learning approaches have been extensively utilized in the research for vulnerability detection. Nonetheless, to improve security, an enhanced vulnerability detection using hyper-parameter-tune machine learning is proposed for early detection, classification and mitigation of SCADA communication and transmission networks by classifying benign, or malicious DNS attacks. The proposed scheme, an ensemble optimizer (GentleBoost) upon hyper-parameter tuning, gave a comparative achievement. From the simulation results, the proposed scheme had an outstanding performance within the shortest possible time with an accuracy of 99.49%, 99.23% for precision, and a recall rate of 99.75%. Also, the model was compared to other contemporary algorithms and outperformed all the other algorithms proving to be an approach to keep abreast of the SCADA network vulnerabilities and attacks.
2022-07-13
Zuo, Jinxin, Guo, Ziyu, Gan, Jiefu, Lu, Yueming.  2021.  Enhancing Continuous Service of Information Systems Based on Cyber Resilience. 2021 IEEE Sixth International Conference on Data Science in Cyberspace (DSC). :535—542.

Cyber resilience has become a strategic point of information security in recent years. In the face of complex attack means and severe internal and external threats, it is difficult to achieve 100% protection against information systems. It is necessary to enhance the continuous service of information systems based on network resiliency and take appropriate compensation measures in case of protection failure, to ensure that the mission can still be achieved under attack. This paper combs the definition, cycle, and state of cyber resilience, and interprets the cyber resiliency engineering framework, to better understand cyber resilience. In addition, we also discuss the evolution of security architecture and analyze the impact of cyber resiliency on security architecture. Finally, the strategies and schemes of enhancing cyber resilience represented by zero trust and endogenous security are discussed.

2022-06-06
Mirza, Mohammad Meraj, Karabiyik, Umit.  2021.  Enhancing IP Address Geocoding, Geolocating and Visualization for Digital Forensics. 2021 International Symposium on Networks, Computers and Communications (ISNCC). :1–7.
Internet Protocol (IP) address holds a probative value to the identification process in digital forensics. The decimal digit is a unique identifier that is beneficial in many investigations (i.e., network, email, memory). IP addresses can reveal important information regarding the device that the user uses during Internet activity. One of the things that IP addresses can essentially help digital forensics investigators in is the identification of the user machine and tracing evidence based on network artifacts. Unfortunately, it appears that some of the well-known digital forensic tools only provide functions to recover IP addresses from a given forensic image. Thus, there is still a gap in answering if IP addresses found in a smartphone can help reveal the user’s location and be used to aid investigators in identifying IP addresses that complement the user’s physical location. Furthermore, the lack of utilizing IP mapping and visualizing techniques has resulted in the omission of such digital evidence. This research aims to emphasize the importance of geolocation data in digital forensic investigations, propose an IP visualization technique considering several sources of evidence, and enhance the investigation process’s speed when it pertains to IP addresses using spatial analysis. Moreover, this research proposes a proof-of-concept (POC) standalone tool that can match critical IP addresses with approximate geolocations to fill the gap in this area.
2022-10-16
MaungMaung, AprilPyone, Kiya, Hitoshi.  2021.  Ensemble of Key-Based Models: Defense Against Black-Box Adversarial Attacks. 2021 IEEE 10th Global Conference on Consumer Electronics (GCCE). :95–98.
We propose a voting ensemble of models trained by using block-wise transformed images with secret keys against black-box attacks. Although key-based adversarial defenses were effective against gradient-based (white-box) attacks, they cannot defend against gradient-free (black-box) attacks without requiring any secret keys. In the proposed ensemble, a number of models are trained by using images transformed with different keys and block sizes, and then a voting ensemble is applied to the models. Experimental results show that the proposed defense achieves a clean accuracy of 95.56 % and an attack success rate of less than 9 % under attacks with a noise distance of 8/255 on the CIFAR-10 dataset.
2022-04-19
Shehab, Manal, Korany, Noha, Sadek, Nayera.  2021.  Evaluation of the IP Identification Covert Channel Anomalies Using Support Vector Machine. 2021 IEEE 26th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD). :1–6.
IP Identification (IP ID) is an IP header field that identifies a data packet in the network to distinguish its fragments from others during the reassembly process. Randomly generated IP ID field could be used as a covert channel by embedding hidden bits within it. This paper uses the support vector machine (SVM) while enabling a features reduction procedure for investigating to what extent the entropy feature of the IP ID covert channel could affect the detection. Then, an entropy-based SVM is employed to evaluate the roles of the IP ID covert channel hidden bits on detection. Results show that entropy is a distinct discrimination feature in classifying and detecting the IP ID covert channel with high accuracy. Additionally, it is found that each of the type, the number and the position of the hidden bits within the IP ID field has a specified influence on the IP ID covert channel detection accuracy.
2022-05-05
Raheja, Nisha, Manocha, Amit Kumar.  2021.  An Efficient Encryption-Authentication Scheme for Electrocardiogram Data using the 3DES and Water Cycle Optimization Algorithm. 2021 6th International Conference on Signal Processing, Computing and Control (ISPCC). :10—14.

To share the recorded ECG data with the cardiologist in Golden Hours in an efficient and secured manner via tele-cardiology may save the lives of the population residing in rural areas of a country. This paper proposes an encryption-authentication scheme for securing the ECG data. The main contribution of this work is to generate a one-time padding key and deploy an encryption algorithm in authentication mode to achieve encryption and authentication. This is achieved by a water cycle optimization algorithm that generates a completely random one-time padding key and Triple Data Encryption Standard (3DES) algorithm for encrypting the ECG data. To validate the accuracy of the proposed encryption authentication scheme, experimental results were performed on standard ECG data and various performance parameters were calculated for it. The results show that the proposed algorithm improves security and passes the statistical key generation test.

2022-04-13
Kovalchuk, Olha, Shynkaryk, Mykola, Masonkova, Mariia.  2021.  Econometric Models for Estimating the Financial Effect of Cybercrimes. 2021 11th International Conference on Advanced Computer Information Technologies (ACIT). :381–384.
Technological progress has changed our world beyond recognition. However, along with the incredible benefits and conveniences we have received new dangers and risks. Mankind is increasingly becoming hostage to information technology and cyber world. Recently, cybercrime is one of the top 10 risks to sustainable development in the world. It poses serious new challenges to global security and economy. The aim of the article is to obtain an assessment of some of the financial effects of modern IT crimes based on an analysis of the main aspects of monetary costs and the hidden economic impact of cybercrime. A multifactor regression model has been proposed to determine the contribution of the cost of the main consequences of IT incidents: business disruption, information loss, revenue loss and equipment damage caused by different types of cyberattacks worldwide in 2019 to total cost of cyberattacks. Information loss has been found to have a major impact on the total cost of cyberattacks, reducing profits and incurring additional costs for businesses. It was built a canonical model for identifying the dependence of total submission to ID ransomware, total cost of cybercrime and the main indicators of economic development for the TOP-10 countries. There is a significant correlation between two sets of indicators, in particular, it is confirmed that most cyberattacks target countries - countries with a high level of development, and the consequences of IT crimes are more significant for low-income countries.
2022-08-26
Zimmer, D., Conti, F., Beg, F., Gomez, M. R., Jennings, C. A., Myers, C. E., Bennett, N..  2021.  Effects of Applied Axial Magnetic Fields on Current Coupling in Maglif Experiments on the Z Machine. 2021 IEEE International Conference on Plasma Science (ICOPS). :1—1.
The Z machine is a pulsed power generator located at Sandia National Laboratories in Albuquerque, New Mexico. It is capable of producing a >20 MA current pulse that is directed onto an experimental load. While a diverse array of experiments are conducted on the Z machine, including x-ray production and dynamic materials science experiments, the focus of this presentation are the Magnetic Liner Inertial Fusion (MagLIF) experiments. In these experiments, an axial magnetic field is applied to the load region, where a cylindrical, fuel-filled metal liner is imploded. We explore the effects of this field on the ability to efficiently couple the generator current to the load, and the extent to which this field interrupts the magnetic insulation of the inner-most transmission line. We find that at the present-day applied field values, the effects of the applied field on current coupling are negligible. Estimates of the potential impact on current coupling of the larger applied field values planned for future experiments are also given. Shunted current is measured with B-dot probes and flyer velocimetry techniques. Analytical calculations, 2D particle-in-cell simulations, and experimental measurements will be presented.
2022-06-09
Yin, Weiru, Chai, Chen, Zhou, Ziyao, Li, Chenhao, Lu, Yali, Shi, Xiupeng.  2021.  Effects of trust in human-automation shared control: A human-in-the-loop driving simulation study. 2021 IEEE International Intelligent Transportation Systems Conference (ITSC). :1147–1154.
Human-automation shared control is proposed to reduce the risk of driver disengagement in Level-3 autonomous vehicles. Although previous studies have approved shared control strategy is effective to keep a driver in the loop and improve the driver's performance, over- and under-trust may affect the cooperation between the driver and the automation system. This study conducted a human-in-the-loop driving simulation experiment to assess the effects of trust on driver's behavior of shared control. An expert shared control strategy with longitudinal and lateral driving assistance was proposed and implemented in the experiment platform. Based on the experiment (N=24), trust in shared control was evaluated, followed by a correlation analysis of trust and behaviors. Moderating effects of trust on the relationship between gaze focalization and minimum of time to collision were then explored. Results showed that self-reported trust in shared control could be evaluated by three subscales respectively: safety, efficiency and ease of control, which all show stronger correlations with gaze focalization than other behaviors. Besides, with more trust in ease of control, there is a gentle decrease in the human-machine conflicts of mean brake inputs. The moderating effects show trust could enhance the decrease of minimum of time to collision as eyes-off-road time increases. These results indicate over-trust in automation will lead to unsafe behaviors, particularly monitoring behavior. This study contributes to revealing the link between trust and behavior in the context of human-automation shared control. It can be applied in improving the design of shared control and reducing risky behaviors of drivers by further trust calibration.
2022-09-16
Gowda, Naveen Chandra, Manvi, Sunilkumar S..  2021.  An Efficient Authentication Scheme for Fog Computing Environment using Symmetric Cryptographic methods. 2021 IEEE 9th Region 10 Humanitarian Technology Conference (R10-HTC). :01—06.

The mechanism of Fog computing is a distributed infrastructure to provide the computations as same as cloud computing. The fog computing environment provides the storage and processing of data in a distributed manner based on the locality. Fog servicing is better than cloud service for working with smart devices and users in a same locale. However the fog computing will inherit the features of the cloud, it also suffers from many security issues as cloud. One such security issue is authentication with efficient key management between the communicating entities. In this paper, we propose a secured two-way authentication scheme with efficient management of keys between the user mobile device and smart devices under the control of the fog server. We made use of operations such as one-way hash (SHA-512) functions, bitwise XOR, and fuzzy extractor function to make the authentication system to be better. We have verified the proposed scheme for its security effectiveness by using a well-used analysis tool ProVerif. We also proved that it can resist multiple attacks and the security overhead is reduced in terms of computation and communication cost as compared to the existing methods.

2022-04-01
Medeiros, Nadia, Ivaki, Naghmeh, Costa, Pedro, Vieira, Marco.  2021.  An Empirical Study On Software Metrics and Machine Learning to Identify Untrustworthy Code. 2021 17th European Dependable Computing Conference (EDCC). :87—94.
The increasingly intensive use of software systems in diverse sectors, especially in business, government, healthcare, and critical infrastructures, makes it essential to deliver code that is secure. In this work, we present two sets of experiments aiming at helping developers to improve software security from the early development stages. The first experiment is focused on using software metrics to build prediction models to distinguish vulnerable from non-vulnerable code. The second experiment studies the hypothesis of developing a consensus-based decision-making approach on top of several machine learning-based prediction models, trained using software metrics data to categorize code units with respect to their security. Such categories suggest a priority (ranking) of software code units based on the potential existence of security vulnerabilities. Results show that software metrics do not constitute sufficient evidence of security issues and cannot effectively be used to build a prediction model to distinguish vulnerable from non-vulnerable code. However, with a consensus-based decision-making approach, it is possible to classify code units from a security perspective, which allows developers to decide (considering the criticality of the system under development and the available resources) which parts of the software should be the focal point for the detection and removal of security vulnerabilities.
Pokharana, Anchal, Sharma, Samiksha.  2021.  Encryption, File Splitting and File compression Techniques for Data Security in virtualized environment. 2021 Third International Conference on Inventive Research in Computing Applications (ICIRCA). :480—485.
Nowadays cloud computing has become a crucial part of IT, and the most important thing is information security in the cloud environment. A range of users can access the facilities and use the cloud according to their feasibility. Cloud computing is utilized as safe storage of information, but data security is still the biggest concern; for example, secrecy, data accessibility and data integrity are considerable factors for cloud storage. Cloud service providers provide the facility to clients that they can store the data on the cloud remotely and access it whenever required. Due to this facility, it becomes necessary to shield or cover information from unapproved access, hackers or any sort of alteration and malevolent conduct. It is an inexpensive approach to store valuable information and doesn't require any hardware and software to hold the data. It gives excellent work experience, but the main measure is just security. In this work, security strategies have been proposed for cloud data protection, capable of overcoming the shortcomings of conventional data protection algorithms and enhancing security using a steganography algorithm, encryption and decryption techniques, compression and a file splitting technique. These techniques are utilized for effective results in data protection. The client can easily access our developed desktop application and share the information in an effective and secured way.
2022-01-25
Hassan, Alzubair, Nuseibeh, Bashar, Pasquale, Liliana.  2021.  Engineering Adaptive Authentication. 2021 IEEE International Conference on Autonomic Computing and Self-Organizing Systems Companion (ACSOS-C). :275—280.
Adaptive authentication systems identify and enforce suitable methods to verify that someone (user) or something (device) is eligible to access a service or a resource. An authentication method is usually adapted in response to changes in the security risk or the user's behaviour. Previous work on adaptive authentication systems provides limited guidance about i) what and how contextual factors can affect the selection of an authentication method; ii) which requirements are relevant to an adaptive authentication system and iii) how authentication methods can affect the satisfaction of the relevant requirements. In this paper, we provide a holistic framework informed by previous research to characterize the adaptive authentication problem and support the development of an adaptive authentication system. Our framework explicitly considers the contextual factors that can trigger an adaptation, the requirements that are relevant during decision making and their trade-offs, as well as the authentication methods that can change as a result of an adaptation. From the gaps identified in the literature, we elicit a set of challenges that can be addressed in future research on adaptive authentication.