Biblio

Web pages aggressively track users for a variety of purposes from targeted advertisements to enhanced authentication. As browsers move to restrict traditional cookie-based tracking, web pages increasingly move to tracking based on browser fingerprinting. Unfortunately, the state-of-the-art to detect fingerprinting in browsers is often error-prone, resorting to imprecise heuristics and crowd-sourced filter lists. This paper presents EssentialFP, a principled approach to detecting fingerprinting on the web. We argue that the pattern of (i) gathering information from a wide browser API surface (multiple browser-specific sources) and (ii) communicating the information to the network (network sink) captures the essence of fingerprinting. This pattern enables us to clearly distinguish fingerprinting from similar types of scripts like analytics and polyfills. We demonstrate that information flow tracking is an excellent fit for exposing this pattern. To implement EssentialFP we leverage, extend, and deploy JSFlow, a state-of-the-art information flow tracker for JavaScript, in a browser. We illustrate the effectiveness of EssentialFP to spot fingerprinting on the web by evaluating it on two categories of web pages: one where the web pages perform analytics, use polyfills, and show ads, and one where the web pages perform authentication, bot detection, and fingerprinting-enhanced Alexa top pages.

Electrocardiogram (ECG) biometric authentication (EBA) is a promising approach for human identification, particularly in consumer devices, due to the individualized, ubiquitous, and easily identifiable nature of ECG signals. Thus, computing architectures for EBA must be accurate, fast, energy efficient, and secure. In this article, first, we implement an EBA algorithm to achieve 100% accuracy in user authentication. Thereafter, we extensively analyze the algorithm to show the distinct variance in execution requirements and reveal the latency bottleneck across the algorithm's different steps. Based on our analysis, we propose a domain-specific architecture (DSA) to satisfy the execution requirements of the algorithm's different steps and minimize the latency bottleneck. We explore different variations of the DSA, including one that features the added benefit of ensuring constant timing across the different EBA steps, in order to mitigate the vulnerability to timing-based side-channel attacks. Our DSA improves the latency compared to a base ARM-based processor by up to 4.24×, while the constant timing DSA improves the latency by up to 19%. Also, our DSA improves the energy by up to 5.59×, as compared to the base processor.

In-Band Full-Duplex (IBFD) Underwater Acoustic (UWA) communication technology plays a major role in enhancing the performance of Underwater acoustic sensor networks (UWSN). Self-Interference (SI) is one of the main inherent challenges affecting the performance of IBFD UWA communication. To reconstruct the SI signal and counteract the SI effect, this is important to estimate the short range channel through which the SI signal passes. Inaccurate estimation will result in the performance degradation of IBFD UWA communication. From the perspective of engineering implementation, we consider that the UWA communication modem shell has a significant influence on the short-range SI channel, which will limit the efficiency of self-interference cancellation in the analog domain to some degree. Therefore we utilize a simplified model to simulate the influence of the structure of the IBFD UWA communication modem on the receiving end. This paper studies the effect of acoustic-shell coupling on near-end self-interference signal of IBFD UWA communication modem. Some suggestions on the design of shell structure of IBFD UWA communication modem are given.

Nanosize multiferroic La-doped YFeO3 powders are harvested via a low-temperature solid-state reaction method. X-ray diffraction (XRD), scanning electron microscopy (SEM) and Raman spectra analysis reveal that with La addition, YFeO3 powders are successfully fabricated at a lower temperature with the size below 60 nm, and a refined structure is obtained. Magnetic hysteresis loop illustrates ferromagnetic behavior of YFeO3 nano particles can be enhanced with La addition. The maximum and remnant magnetization of the powders are about 4.03 and 1.22 emu/g, respectively. It is shown that the optical band gap is around 2.25 eV, proving that La doped YFeO3 nano particles can strongly absorb visible light. Both magnetic and optical properties are greatly enhanced with La addition, proving its potential application in magnetic and optical field.

DeepFake using Generative Adversarial Networks (GANs) tampered videos reveals a new challenge in today's life. With the inception of GANs, generating high-quality fake videos becomes much easier and in a very realistic manner. Therefore, the development of efficient tools that can automatically detect these fake videos is of paramount importance. The proposed DeepFake detection method takes the advantage of the fact that current DeepFake generation algorithms cannot generate face images with varied resolutions, it is only able to generate new faces with a limited size and resolution, a further distortion and blur is needed to match and fit the fake face with the background and surrounding context in the source video. This transformation causes exclusive blur inconsistency between the generated face and its background in the outcome DeepFake videos, in turn, these artifacts can be effectively spotted by examining the edge pixels in the wavelet domain of the faces in each frame compared to the rest of the frame. A blur inconsistency detection scheme relied on the type of edge and the analysis of its sharpness using Haar wavelet transform as shown in this paper, by using this feature, it can determine if the face region in a video has been blurred or not and to what extent it has been blurred. Thus will lead to the detection of DeepFake videos. The effectiveness of the proposed scheme is demonstrated in the experimental results where the “UADFV” dataset has been used for the evaluation, a very successful detection rate with more than 90.5% was gained.

In recent years, IPv6 and its application are more and more widely deployed. Most network devices support and open IPv6 protocol stack. The security of IPv6 network is also concerned. In the IPv6 network security technology, address scanning is a key and difficult point. This paper presents a TGAs-based IPv6 address scanning method. It takes the known alive IPv6 addresses as input, and then utilizes the information entropy and clustering technology to mine the distribution law of seed addresses. Then, the final optimized target address set can be obtained by expanding from the seed address set according to the distribution law. Experimental results show that it can effectively improve the efficiency of IPv6 address scanning.

Over time, the use of wireless technologies has significantly increased due to bandwidth improvements, cost-effectiveness, and ease of deployment. Owing to the ease of access to the communication medium, wireless communications and technologies are inherently vulnerable to attacks. These attacks include brute force attacks such as jamming attacks and those that target the communication protocol (Wi-Fi and Bluetooth protocols). Thus, there is a need to make wireless communication resilient and secure against attacks. Existing wireless protocols and applications have attempted to address the need to improve systems security as well as privacy. They have been highly effective in addressing privacy issues, but ineffective in addressing security threats like jamming and session hijacking attacks and other types of Denial of Service Attacks. In this article, we present an ``architecture for resilient wireless communications'' based on the concept of Moving Target Defense. To increase the difficulty of launching successful attacks and achieve resilient operation, we changed the runtime characteristics of wireless links, such as the modulation type, network address, packet size, and channel operating frequency. The architecture reduces the overhead resulting from changing channel configurations using two communication channels, in which one is used for communication, while the other acts as a standby channel. A prototype was built using Software Defined Radio to test the performance of the architecture. Experimental evaluations showed that the approach was resilient against jamming attacks. We also present a mathematical analysis to demonstrate the difficulty of performing a successful attack against our proposed architecture.

With the proliferation of cloud services, cloud-based image retrieval services enable large-scale image outsourcing and ubiquitous image searching. While enjoying the benefits of the cloud-based image retrieval services, critical privacy concerns may arise in such services since they may contain sensitive personal information. In this paper, we propose an efficient and Privacy-Preserving Image Retrieval scheme with Key Switching Technique (PPIRS). PPIRS utilizes the inner product encryption for measuring Euclidean distances between image feature vectors and query vectors in a privacy-preserving manner. Due to the high dimension of the image feature vectors and the large scale of the image databases, traditional secure Euclidean distance comparison methods provide insufficient search efficiency. To prune the search space of image retrieval, PPIRS tailors key switching technique (KST) for reducing the dimension of the encrypted image feature vectors and further achieves low communication overhead. Meanwhile, by introducing locality sensitive hashing (LSH), PPIRS builds efficient searchable indexes for image retrieval by organizing similar images into a bucket. Security analysis shows that the privacy of both outsourced images and queries are guaranteed. Extensive experiments on a real-world dataset demonstrate that PPIRS achieves efficient image retrieval in terms of computational cost.

Attribute reduction algorithms in rough set theory can be classified into two groups, i.e. heuristics algorithms and computational intelligence algorithms. The former has good search efficiency but it can not find the global optimal reduction. Conversely, the latter is possible to find global optimal reduction but usually suffers from premature convergence. To address this problem, this paper proposes a two-stage algorithm for finding high quality reduction. In first stage, a classical differential evolution algorithm is employed to rapidly approach the optimal solution. When the premature convergence is detected, a local search algorithm which is intuitively a forward-backward heuristics is launched to improve the quality of the reduction. Experiments were performed on six UCI data sets and the results show that the proposed algorithm can outperform the existing computational intelligence algorithms.

Security services and share information is provided by the computer network. The computer network is by default there is not security. The Attackers can use this provision to hack and steal private information. Confidentiality, creation, changes, and truthful of data is will be big problems in the network. Many types of research have given many methods regarding this, from these methods Generating Initial Chromosome Key called Generating Dynamic Chromosome Key (GDCK), which is a novel approach. With the help of the RSA (Rivest Shamir Adleman) algorithm, GICK and GDCK have created an initial key. The proposed method has produced new techniques using genetic fitness function for the sender and receiver. The outcome of GICK and GDCK has been verified by NIST (National Institute of Standards Technology) tools and analyzes randomness of auto-generated keys with various methods. The proposed system has involved three examines; it has been yield better P-Values 6.44, 7.05, and 8.05 while comparing existing methods.

In this work, the efficient evaluation of Sommerfeld integrals (SIs) above an impedance plane is addressed. Started from Weyl's expression of SIs, using the coordinate transformation and steepest descent path approach, an exact single image representation to SIs is derived. This single image representation image eliminates oscillating and slow-decay integrand in traditional SIs, and efficient to calculate. Moreover, the far-field asymptotic behavior of SIs in this case is considered and is represented by the Fresnel-integral related function. A high-order approximation based on series expansion of Fresnel integral is provided for fast evaluation. Finally, the validity of the proposed expressions is verified by numerical examples.

Network traffic classification has a range of applications in network management including QoS and security monitoring. Deep Packet Inspection (DPI) is one of the effective method used for traffic classification. DPI is computationally expensive operation involving string matching between payload and application signatures. Existing traffic classification techniques perform multiple scans of payload to classify the application flows - first scan to extract the words and the second scan to match the words with application signatures. In this paper we propose an approach which can classify network flows with single scan of flow payloads using a heuristic method to achieve a sub-linear search complexity. The idea is to scan few initial bytes of payload and determine potential application signature(s) for subsequent signature matching. We perform experiments with a large dataset containing 171873 network flows and show that it has a good classification accuracy of 98%.

System security is becoming an indispensable part of our daily life due to the rapid proliferation of unknown malware attacks. Recent malware found to have a very complicated structure that is hard to detect by the traditional malware detection techniques such as antivirus, intrusion detection systems, and network scanners. In this paper, we propose a complex network-based malware detection technique, Malware Detection using Complex Network (MDCN), that considers Application Program Interface Call Transition Matrix (API-CTM) to generate complex network topology and then extracts various feature set by analyzing different metrics of the complex network to distinguish malware and benign applications. The generated feature set is then sent to several machine learning classifiers, which include naive-Bayes, support vector machine, random forest, and multilayer perceptron, to comparatively analyze the performance of MDCN-based technique. The analysis reveals that MDCN shows higher accuracy, with lower false-positive cases, when the multilayer perceptron-based classifier is used for the detection of malware. MDCN technique can efficiently be deployed in the design of an integrated enterprise network security system.

Here, we propose a simple design approach based on metal-masked titanium dioxide nanopillars, which can realize strong Mie resonance in metasurfaces and enables light confinement within itself over the range of visible wavelengths. By selecting the appropriate period and diameter of individual titanium dioxide nanopillars, the coincidence of resonance peak positions derived from excited electric and magnetic dipoles can be achived. And the optical properties in this design have been investigated with the Finite-Difference Time-Domain(FDTD) solutions.

This paper introduces an efficient reactive routing protocol considering the mobility and the reliability of a node in Cognitive Radio Sensor Networks (CRSNs). The proposed protocol accommodates the dynamic behavior of the spectrum availability and selects a stable transmission path from a source node to the destination. Outlined as a weighted graph problem, the proposed protocol measures the weight for an edge the measuring the mobility patterns of the nodes and channel availability. Furthermore, the mobility pattern of a node is defined in the proposed routing protocol from the viewpoint of distance, speed, direction, and node's reliability. Besides, the spectrum awareness in the proposed protocol is measured over the number of shared common channels and the channel quality. It is anticipated that the proposed protocol shows efficient routing performance by selecting stable and secured paths from source to destination. Simulation is carried out to assess the performance of the protocol where it is witnessed that the proposed routing protocol outperforms existing ones.

Information-Centric Networking (ICN) has attracted much attention as a promising future network design, which presents a paradigm shift from host-centric to content-centric. However, in edge computing scenarios, there is still no specific ICN forwarding mechanism to improve transmission performance. In this paper, we propose an edge-oriented forwarding mechanism (EFM) for edge computing scenarios. The rationale is to enable edge nodes smarter, such as acting as agents for both consumers and providers to improve content retrieval and distribution. On the one hand, EFM can assist consumers: the edge router can be used either as a fast content repository to satisfy consumers’ requests or as a smart delegate of consumers to request content from upstream nodes. On the other hand, EFM can assist providers: EFM leverages the optimized in-network recovery/retransmission to detect packet loss or even accelerate the content distribution. The goal of our research is to improve the performance of edge networks. Simulation results based on ndnSIM indicate that EFM can enable efficient content retrieval and distribution, friendly to both consumers and providers.

The smart electricity grids have been evolving to a more complex cyber-physical ecosystem of infrastructures with integrated communication networks, new carbon-free sources of power generation, advanced monitoring and control systems, and a myriad of emerging modern physical hardware technologies. With the unprecedented complexity and heterogeneity in dynamic smart grid networks comes additional vulnerability to emerging threats such as cyber attacks. Rapid development and deployment of advanced network monitoring and communication systems on one hand, and the growing interdependence of the electric power grids to a multitude of lifeline critical infrastructures on the other, calls for holistic defense strategies to safeguard the power grids against cyber adversaries. In order to improve the resilience of the power grid against adversarial attacks and cyber intrusions, advancements should be sought on detection techniques, protection plans, and mitigation practices in all electricity generation, transmission, and distribution sectors. This survey discusses such major directions and recent advancements from a lens of different detection techniques, equipment protection plans, and mitigation strategies to enhance the energy delivery infrastructure resilience and operational endurance against cyber attacks. This undertaking is essential since even modest improvements in resilience of the power grid against cyber threats could lead to sizeable monetary savings and an enriched overall social welfare.

This paper presents the implementation of the ELGamal cryptoalgorithm for information flows encryption / decryption, which is based on the application of the vector-modular method of modular exponentiation and multiplication. This allows us to replace the complex operation of the modular exponentiation with multiplication and the last one with addition that increases the speed of the cryptosystem. In accordance with this, the application of the vector-modular method allows us to reduce the modular exponentiation and multiplication temporal complexity in comparison with the classical one.

Modern cryptographic ransomware pose a severe threat to the security of individuals and organizations. Targeted ransomware attacks exhibit refinement in attack vectors owing to the manual reconnaissance performed by the perpetrators for infiltration. The result is an impenetrable lock on multiple hosts within the organization which allows the cybercriminals to demand hefty ransoms. Reliance on prevention strategies is not sufficient and a firm comprehension of implementation details is necessary to develop effective solutions that can thwart ransomware after preventative strategies have failed. Ransomware depend heavily on the abstraction offered by Windows APIs. This paper provides a detailed review of the common API calls in ransomware. We propose four classes of API calls that can be used for profiling and generating effective API call relationships useful in automated detection. Finally, we present counts and visualizations pertaining to API call extraction from real-world ransomware that demonstrate that even advanced variants from different families carry similarities in implementation.

Ahstract-Vulnerability detection is an important topic of software engineering. To improve the effectiveness and efficiency of vulnerability detection, many traditional machine learning-based and deep learning-based vulnerability detection methods have been proposed. However, the impact of different factors on vulnerability detection is unknown. For example, classification models and vectorization methods can directly affect the detection results and code replacement can affect the features of vulnerability detection. We conduct a comparative study to evaluate the impact of different classification algorithms, vectorization methods and user-defined variables and functions name replacement. In this paper, we collected three different vulnerability code datasets. These datasets correspond to different types of vulnerabilities and have different proportions of source code. Besides, we extract and analyze the features of vulnerability code datasets to explain some experimental results. Our findings from the experimental results can be summarized as follows: (i) the performance of using deep learning is better than using traditional machine learning and BLSTM can achieve the best performance. (ii) CountVectorizer can improve the performance of traditional machine learning. (iii) Different vulnerability types and different code sources will generate different features. We use the Random Forest algorithm to generate the features of vulnerability code datasets. These generated features include system-related functions, syntax keywords, and user-defined names. (iv) Datasets without user-defined variables and functions name replacement will achieve better vulnerability detection results.

This paper proposes a stream cipher algorithm. Its main principle is conducting the binary random dynamic hash with the help of key. At the same time of calculating the hash mapping address of plaintext, change the value of plaintext through bits scrambling, and then map it to the ciphertext space. This encryption method has strong randomness, and the design of hash functions and bits scrambling is flexible and diverse, which can constitute a set of encryption and decryption methods. After testing, the code evenness of the ciphertext obtained using this method is higher than that of the traditional method under some extreme conditions..

Malicious software (malware) is designed to cause unwanted or destructive effects on computers. Since modern society is dependent on computers to function, malware has the potential to do untold damage. Therefore, developing techniques to effectively combat malware is critical. With the rise in popularity of polymorphic malware, conventional anti-malware techniques fail to keep up with the rate of emergence of new malware. This poses a major challenge towards developing an efficient and robust malware detection technique. One approach to overcoming this challenge is to classify new malware among families of known malware. Several machine learning methods have been proposed for solving the malware classification problem. However, these techniques rely on hand-engineered features extracted from malware data which may not be effective for classifying new malware. Deep learning models have shown paramount success for solving various classification tasks such as image and text classification. Recent deep learning techniques are capable of extracting features directly from the input data. Consequently, this paper proposes an end-to-end deep learning framework for multimodels (henceforth, multimodel learning) to solve the challenging malware classification problem. The proposed model utilizes three different deep neural network architectures to jointly learn meaningful features from different attributes of the malware data. End-to-end learning optimizes all processing steps simultaneously, which improves model accuracy and generalizability. The performance of the model is tested with the widely used and publicly available Microsoft Malware Challenge Dataset and is compared with the state-of-the-art deep learning-based malware classification pipeline. Our results suggest that the proposed model achieves comparable performance to the state-of-the-art methods while offering faster training using end-to-end multimodel learning.

Child security in the school campus is most important in building a good society. In and around the world the children are abused and killed also in sometimes by the people those who are not in good attitude in the school campus. To track and resolve such issues an enhanced security feature system is required. Hence in this paper an enhanced version of security system for children is proposed by using `Wearable Sensors'. In this proposed method two wearable sensors nodes such as `Staff Node' and `Student Node' are paired by using `Bluetooth' communication technology and Smart Watch technology is also used to communicate the Security Center or Processing Node for tracking them about their location and whether the two nodes are moved away from the classroom. If the child node is not moving for a long period then it may be notified by the center and they will inform the security officers near to the place. This proposed method may satisfy the need of school management about the staff movements with students and the behavior of students to avoid unexpected issues.

Steganography is the concept to conceal information and the data by embedding it as secret data into various digital medium in order to achieve higher security. To achieve this, many steganographic algorithms are already proposed. The ability of human eyes as well as invisibility remain the most important and prominent factor for the security and protection. The most commonly used security measure of data hiding within imagesYet it is ineffective against Steganalysis and lacks proper verifications. Thus the proposed system of Image Steganography using PVD (Pixel Value Differentiating) proves to be a better choice. It compresses and embeds data in images at the pixel value difference calculated between two consecutive pixels. To increase the security, another technique called Edge Detection is used along with PVD to embed data at the edges. Edge Detection techniques like Canny algorithm are used to find the edges in an image horizontally as well as vertically. The edge pixels in an image can be used to handle more bits of messages, because more pixel value shifts can be handled by the image edge area.

Owing to the advancements in communication media and devices all over the globe, there has arisen a dire need for to limit the alarming number of attacks targeting these and to enhance their security. Multiple techniques have been incorporated in different researches and various protocols and schemes have been put forward to cater security issues of session initiation protocol (SIP). In 2008, Qiu et al. presented a proposal for SIP authentication which while effective than many existing schemes, was still found vulnerable to many security attacks. To overcome those issues, Zhang et al. proposed an authentication protocol. This paper presents the analysis of Zhang et al. authentication scheme and concludes that their proposed scheme is susceptible to user traceablity. It also presents an improved SIP authentication scheme that eliminates the possibility of traceability of user's activities. The proposed scheme is also verified by contemporary verification tool, ProVerif and it is found to be more secure, efficient and practical than many similar SIP authetication scheme.