Biblio

Facial is the most dynamic part of the human body that conveys information about emotions. The level of diversity in facial geometry and facial look makes it possible to detect various human expressions. To be able to differentiate among numerous facial expressions of emotion, it is crucial to identify the classes of facial expressions. The methodology used in this article is based on convolutional neural networks (CNN). In this paper Deep Learning CNN is used to examine Alex net architectures. Improvements were achieved by applying the transfer learning approach and modifying the fully connected layer with the Support Vector Machine(SVM) classifier. The system succeeded by achieving satisfactory results on icv-the MEFED dataset. Improved models achieved around 64.29 %of recognition rates for the classification of the selected expressions. The results obtained are acceptable and comparable to the relevant systems in the literature provide ideas a background for further improvements.

Big Data is a concept used in various sectors today, including the government sector in the Smart Government initiative. With a large amount of structured and unstructured data being managed, information assurance becomes important in adopting Big Data. However, so far, no research has focused on information assurance for Big Data. This paper identified information assurance factors for Big Data. This research used the systematic snapshot mapping approach to examine factors relating to information assurance from the literature related to Big Data from 2011 through 2021. The data extraction process in gathering 15 relevant papers. The findings revealed ten factors influencing the information assurance implementation for Big Data, with the security factor becoming the most concentrated factor with 18 sub-factors. The findings are expected to serve as a foundation for adopting information assurance for Big Data to develop an information assurance framework for Smart Government.

Ethical bias in machine learning models has become a matter of concern in the software engineering community. Most of the prior software engineering works concentrated on finding ethical bias in models rather than fixing it. After finding bias, the next step is mitigation. Prior researchers mainly tried to use supervised approaches to achieve fairness. However, in the real world, getting data with trustworthy ground truth is challenging and also ground truth can contain human bias. Semi-supervised learning is a technique where, incrementally, labeled data is used to generate pseudo-labels for the rest of data (and then all that data is used for model training). In this work, we apply four popular semi-supervised techniques as pseudo-labelers to create fair classification models. Our framework, Fair-SSL, takes a very small amount (10%) of labeled data as input and generates pseudo-labels for the unlabeled data. We then synthetically generate new data points to balance the training data based on class and protected attribute as proposed by Chakraborty et al. in FSE 2021. Finally, classification model is trained on the balanced pseudo-labeled data and validated on test data. After experimenting on ten datasets and three learners, we find that Fair-SSL achieves similar performance as three state-of-the-art bias mitigation algorithms. That said, the clear advantage of Fair-SSL is that it requires only 10% of the labeled training data. To the best of our knowledge, this is the first SE work where semi-supervised techniques are used to fight against ethical bias in SE ML models. To facilitate open science and replication, all our source code and datasets are publicly available at https://github.com/joymallyac/FairSSL. CCS CONCEPTS • Software and its engineering → Software creation and management; • Computing methodologies → Machine learning. ACM Reference Format: Joymallya Chakraborty, Suvodeep Majumder, and Huy Tu. 2022. Fair-SSL: Building fair ML Software with less data. In International Workshop on Equitable Data and Technology (FairWare ‘22), May 9, 2022, Pittsburgh, PA, USA. ACM, New York, NY, USA, 8 pages. https://doi.org/10.1145/3524491.3527305

Intelligent connected vehicle platoon technology can reduce traffic congestion and vehicle fuel. However, attacks on the data transmitted by the platoon are one of the primary challenges encountered by the platoon during its travels. The false data injection (FDI) attack can lead to road congestion and even vehicle collisions, which can impact the platoon. However, the complexity of the cellular - vehicle to everything (C-V2X) environment, the single source of the message and the poor data processing capability of the on board unit (OBU) make the traditional detection methods’ success rate and response time poor. This study proposes a platoon state information fusion method using the communication characteristics of the platoon in C-V2X and proposes a novel platoon intrusion detection model based on this fusion method combined with sequential importance sampling (SIS). The SIS is a measured strategy of Monte Carlo integration sampling. Specifically, the method takes the status information of the platoon members as the predicted value input. It uses the leader vehicle status information as the posterior probability of the observed value to the current moment of the platoon members. The posterior probabilities of the platoon members and the weights of the platoon members at the last moment are used as input to update the weights of the platoon members at the current moment and obtain the desired platoon status information at the present moment. Moreover, it compares the status information of the platoon members with the desired status information to detect attacks on the platoon. Finally, the effectiveness of the method is demonstrated by simulation.

While acquiring precise and intelligent state sensing and control capabilities, the cyber physical power system is constantly exposed to the potential cyber-attack threat. False data injection (FDI) attack attempts to disrupt the normal operation of the power system through the coupling of cyber side and physical side. To deal with the situation that stealthy FDI attack can bypass the bad data detection and thus trigger false commands, a system feature extraction method in state estimation is proposed, and the corresponding FDI attack detection method is presented. Based on the principles of state estimation and stealthy FDI attack, we analyze the impacts of FDI attack on measurement residual. Gaussian fitting method is used to extract the characteristic parameters of residual distribution as the system feature, and attack detection is implemented in a sliding time window by comparison. Simulation results prove that the proposed attack detection method is effectiveness and efficiency.

The architecture and functioning of the electricity markets are rapidly evolving in favour of solutions based on real-time data sharing and decentralised, distributed, renewable energy generation. Peer-to-peer (P2P) energy markets allow two individuals to transact with one another without the need of intermediaries, reducing the load on the power grid during peak hours. However, such a P2P energy market is prone to various cyber attacks. Blockchain technology has been proposed to implement P2P energy trading to support this change. One of the most crucial components of blockchain technology in energy trading is the consensus mechanism. It determines the effectiveness and security of the blockchain for energy trading. However, most of the consensus used in energy trading today are traditional consensus such as Proof-of-Work (PoW) and Practical Byzantine Fault Tolerance (PBFT). These traditional mechanisms cannot be directly adopted in P2P energy trading due to their huge computational power, low throughput, and high latency. Therefore, we propose the Block Alliance Consensus (BAC) mechanism based on Hashgraph. In a massive P2P energy trading network, BAC can keep Hashgraph's throughput while resisting Sybil attacks and supporting the addition and deletion of energy participants. The high efficiency and security of BAC and the blockchain-based energy trading platform are verified through experiments: our improved BAC has an average throughput that is 2.56 times more than regular BFT, 5 times greater than PoW, and 30% greater than the original BAC. The improved BAC has an average latency that is 41% less than BAC and 81% less than original BFT. Our energy trading blockchain (ETB)'s READ performance can achieve the most outstanding throughput of 1192 tps at a workload of 1200 tps, while WRITE can achieve 682 tps at a workload of 800 tps with a success rate of 95% and 0.18 seconds of latency.

Modular exponentiation (ME) is a complex operation for several public-key cryptosystems (PKCs). Moreover, ME is expensive for resource-constrained devices in terms of computation time and energy consumption, especially when the exponent is large. ME is defined as the task of raising an integer x to power k and reducing the result modulo some integer n. Several methods to calculate ME have been proposed. In this paper, we present the efficient ME methods. We then implement the methods using different security levels of RSA keys on a Raspberry Pi. Finally, we give the fast ME method.

This paper introduces an application of machine learning algorithms. In fact, support vector machine and decision tree approaches are studied and applied to compare their performances in detecting, classifying, and locating faults in the transmission network. The IEEE 14-bus transmission network is considered in this work. Besides, 13 types of faults are tested. Particularly, the one fault and the multiple fault cases are investigated and tested separately. Fault simulations are performed using the SimPowerSystems toolbox in Matlab. Basing on the accuracy score, a comparison is made between the proposed approaches while testing simple faults, on the one hand, and when complicated faults are integrated, on the other hand. Simulation results prove that the support vector machine technique can achieve an accuracy of 87% compared to the decision tree which had an accuracy of 53% in complicated cases.

Nowadays, data is essential in several fields, such as science, finance, medicine, and transportation, which means its value continues to rise. Relational databases are vulnerable to copyright threats when transmitted and shared as a carrier of data. The watermarking technique is seen as a partial solution to the problem of securing copyright ownership. However, most of them are currently restricted to numerical attributes in relational databases, limiting their versatility. Furthermore, they modify the source data to a large extent, failing to keep the characteristics of the original database, and they are susceptible to solid malicious attacks. This paper proposes a new robust reversible watermarking technique, Fields Based Inserting Position Tuples algorithm (FBIPT), for relational databases. FBIPT does not modify the original database directly; instead, it inserts some position tuples based on three Fields―Group Field, Feature Field, and Control Field. Field information can be calculated by numeric attributes and any attribute that can be transformed into binary bits. FBIPT technique retains all the characteristics of the source database, and experimental results prove the effectiveness of FBIPT and show its highly robust performance compared to state-of-the-art watermarking schemes.

Homomorphic encryption (HE) facilitates computing over encrypted data without using the secret keys. It is currently inefficient for practical implementation on the Internet of Things (IoT). However, the performance of these HE schemes may increase with optimized libraries and hardware capabilities. Thus, implementing and analyzing HE schemes and protocols on resource-constrained devices is essential to deriving optimized and secure schemes. This paper develops an energy profiling framework for homomorphic encryption on IoT devices. In particular, we analyze energy consumption and performance such as CPU and Memory utilization and execution time of numerous HE schemes using SEAL and HElib libraries on the Raspberry Pi 4 hardware platform and study energy-performance-security trade-offs. Our analysis reveals that HE schemes can incur a maximum of 70.07% in terms of energy consumption among the libraries. Finally, we provide guidelines for optimization of Homomorphic Encryption by leveraging multi-threading and edge computing capabilities for IoT applications. The insights obtained from this study can be used to develop secure and resource-constrained implementation of Homomorphic encryption depending on the needs of IoT applications.

The rapid growth of number of devices that are connected to internet of things (IoT) networks, increases the severity of security problems that need to be solved in order to provide safe environment for network data exchange. The discovery of new vulnerabilities is everyday challenge for security experts and many novel methods for detection and prevention of intrusions are being developed for dealing with this issue. To overcome these shortcomings, artificial intelligence (AI) can be used in development of advanced intrusion detection systems (IDS). This allows such system to adapt to emerging threats, react in real-time and adjust its behavior based on previous experiences. On the other hand, the traffic classification task becomes more difficult because of the large amount of data generated by network systems and high processing demands. For this reason, feature selection (FS) process is applied to reduce data complexity by removing less relevant data for the active classification task and therefore improving algorithm's accuracy. In this work, hybrid version of recently proposed sand cat swarm optimizer algorithm is proposed for feature selection with the goal of increasing performance of extreme learning machine classifier. The performance improvements are demonstrated by validating the proposed method on two well-known datasets - UNSW-NB15 and CICIDS-2017, and comparing the results with those reported for other cutting-edge algorithms that are dealing with the same problems and work in a similar configuration.

Sybil attack is one of the most dangerous internal attacks in Vehicular Ad Hoc Network (VANET). It affects the function of the VANET network by maliciously claiming or stealing multiple identity propagation error messages. In order to prevent VANET from Sybil attacks, many solutions have been proposed. However, the existing solutions are specific to the physical or application layer's single-level data and lack research on cross-layer information fusion detection. Moreover, these schemes involve a large number of sensitive data access and transmission, do not consider users' privacy, and can also bring a severe communication burden, which will make these schemes unable to be actually implemented. In this context, this paper introduces FedMix, the first federated Sybil attack detection system that considers cross-layer information fusion and provides privacy protection. The system can integrate VANET physical layer data and application layer data for joint analyses simultaneously. The data resides locally in the vehicle for local training. Then, the central agency only aggregates the generated model and finally distributes it to the vehicles for attack detection. This process does not involve transmitting and accessing any vehicle's original data. Meanwhile, we also designed a new model aggregation algorithm called SFedAvg to solve the problems of unbalanced vehicle data quality and low aggregation efficiency. Experiments show that FedMix can provide an intelligent model with equivalent performance under the premise of privacy protection and significantly reduce communication overhead, compared with the traditional centralized training attack detection model. In addition, the SFedAvg algorithm and cross-layer information fusion bring better aggregation efficiency and detection performance, respectively.

In recent years, the security of AI systems has drawn increasing research attention, especially in the medical imaging realm. To develop a secure medical image analysis (MIA) system, it is a must to study possible backdoor attacks (BAs), which can embed hidden malicious behaviors into the system. However, designing a unified BA method that can be applied to various MIA systems is challenging due to the diversity of imaging modalities (e.g., X-Ray, CT, and MRI) and analysis tasks (e.g., classification, detection, and segmentation). Most existing BA methods are designed to attack natural image classification models, which apply spatial triggers to training images and inevitably corrupt the semantics of poisoned pixels, leading to the failures of attacking dense prediction models. To address this issue, we propose a novel Frequency-Injection based Backdoor Attack method (FIBA) that is capable of delivering attacks in various MIA tasks. Specifically, FIBA leverages a trigger function in the frequency domain that can inject the low-frequency information of a trigger image into the poisoned image by linearly combining the spectral amplitude of both images. Since it preserves the semantics of the poisoned image pixels, FIBA can perform attacks on both classification and dense prediction models. Experiments on three benchmarks in MIA (i.e., ISIC-2019 [4] for skin lesion classification, KiTS-19 [17] for kidney tumor segmentation, and EAD-2019 [1] for endoscopic artifact detection), validate the effectiveness of FIBA and its superiority over stateof-the-art methods in attacking MIA models and bypassing backdoor defense. Source code will be available at code.

Memory-based vulnerabilities are becoming more and more common in low-power and low-cost devices in IOT. We study several low-level vulnerabilities that lead to memory corruption in C and C++ programs, and how to use stack corruption and format string attack to exploit these vulnerabilities. Automatic methods for resisting memory attacks, such as stack canary and address space layout randomization ASLR, are studied. These methods do not need to change the source program. However, a return-oriented programming (ROP) technology can bypass them. Control flow integrity (CFI) can resist the destruction of ROP technology. In fact, the security design is holistic. Finally, we summarize the rules of security coding in embedded devices, and propose two novel methods of software anomaly detection process for IOT devices in the future.

Financial technology (Fintech) is an amalgamation of financial management using a technology system. Fintech has become a public concern because this service provides many service features to make it easier from the financial side, such as being used in cooperative financial institutions, banking and insurance. This paper will analyze the opportunities and challenges of Fintech sharia in Indonesia. By exploring the existing literature, this article will try to answer that question. This research is carried out using a literature review approach and comparative qualitative method which will determined the results of the SWOT analysis of sharia financial technology in indonesia. It is needed to mitigate risk of funding in a peer to peer method in overcoming the security of funds and data from investors, firstly companies can perform transparency on the clarity of investor funds. This is done as one of the facilities provided to investors in the Fintech application. In the future, it is hoped that in facing competition, sharia-based fintech companies must be able to provide targeted services through the socialization of sharia fintech to the public, both online and offline. Investors are expected to be more careful before investing in choosing Fintech Peer to Peer (P2P) Lending services by checking the list of Fintech lending and lending companies registered and found by the Financial Services Authority (OJK).

Research data sharing requires provision of adequate security. The requirements for data privacy are extremely demanding for medical data that is reused for research purposes. To address these requirements, the research institutions must implement adequate security measurements, and this demands large effort and costs to do it properly. The usage of adequate access controls and data encryption are key approaches to effectively protect research data confidentiality; however, the management of the encryption keys is challenging. There are novel mechanisms that can be explored for managing access to the encryption keys and encrypted files. These mechanisms guarantee that data are accessed by authorised users and that auditing is possible. In this paper we explore these mechanisms to implement a secure research medical data sharing system. In the proposed system, the research data are stored on a secure cloud system. The data are partitioned into subsets, each one encrypted with a unique key. After the authorisation process, researchers are given rights to use one or more of the keys and to selectively access and decrypt parts of the dataset. Our proposed solution offers automated fine-grain access control to research data, saving time and work usually made manually. Moreover, it maximises and fortifies users' trust in data sharing through secure clouds solutions. We present an initial evaluation and conclude with a discussion about the limitations, open research questions and future work around this challenging topic.

Companies store increasing amounts of data, requiring the implementation of mechanisms to protect them from malicious people. There are techniques and procedures that aim to increase the security of computer systems, such as network protection services, firewalls. They are intended to filter packets that enter and leave a network. Its settings depend on security policies, which consist of documents that describe what is allowed to travel on the network and what is prohibited. The transcription of security policies into rules, written in native firewall language, that represent them, is the main source of errors in firewall configurations. In this work, concepts related to security between networks and firewalls are presented. Related works on security policies and their translations into firewall rules are also referenced. Furthermore, the developed tool, named Fireasy, is presented, which allows the modeling of security policies through graphic elements, and the maintenance of rules written in native firewall language, also representing them in graphic elements. Finally, a controlled experiment was conducted to validate the approach, which indicated, in addition to the correct functioning of the tool, an improvement in the translation of security policies into firewall rules using the tool. In the task of understanding firewall rules, there was a homogenization of the participants' performance when they used the tool.

The rapid complexity growth of electronic systems nowadays increases their vulnerability to hacking, such as fault injection, including insertion of glitches into the system clock to corrupt internal state through timing errors. As a countermeasure, a frequency locked loop (FLL) based clock glitch detector is proposed in this paper. Regulated from an external supply voltage, this FLL locks at 16-36X of the system clock, creating four phases to measure the system clock by oversampling at 64-144X. The samples are then used to sense the frequency and close the frequency locked loop, as well as to detect glitches through pattern matching. Implemented in a 5nm FINFET process, it can detect the glitches or pulse width variations down to 3.125% of the input 40MHz clock cycle with the supply varying from 0.5 to 1.0V.

Cloud computing is a new term that refers to the service provisioned over the Internet. It is considered one of the foremost prevailing standards within the Data Innovation (IT) industry these days. It offers capable handling and capacity assets as on-demand administrations at diminished fetched, and progressed productivity. It empowers sharing computing physical assets among cloud computing tents and offers on-demand scaling with taken toll effectiveness. Moreover, cloud computing plays an important role in data centers because they house virtually limitless computational and storage capacities that businesses and end-users can access and use via the Internet. In the context of cloud computing, fog computing refers to bringing services to the network’s edge. Fog computing gives cloud-like usefulness, such as information capacity space, systems, and compute handling control, yet with a more noteworthy scope and nearness since fog nodes are found close to d-user edge gadgets, leveraging assets and diminishing inactivity. The concepts of cloud computing and fog computing will be explored in this paper, and their features will be contrasted to determine the differences between them. Over 25 factors have been used to compare them.

Historically, energy resources are of strategic importance for the social welfare and economic growth. So, predicting crude oil price fluctuations is an important issue. Since crude oil price changes are affected by many risk factors in markets, this price shows more complicated nonlinear behavior and creates more risk levels for investors than in the past. We propose a new method of prediction of crude oil price to model nonlinear dynamics. The results of the experiments show that the superior performance of the model based on the proposed method against statistical previous works is statistically significant. In general, we found that the combination of the IDBN or LSTM model lowered the MSE value to 4.65, which is 0.81 lower than the related work (Chen et al. protocol), indicating an improvement in prediction accuracy.

The popularity of portable web browsers is increasing due to its convenient and compact nature along with the benefit of the data being stored and transferred easily using a USB drive. As technology gets updated frequently, developers are working on web browsers that can be portable in nature with additional security features like private mode browsing, built in ad blockers etc. The increased probability of using portable web browsers for carrying out nefarious activities is a result of cybercriminals with the thought that if they use portable web browsers in private mode it won't leave a digital footprint. Hence, the research paper aims at performing a comparative study of four portable web browsers namely Brave, TOR, Vivaldi, and Maxthon along with various memory acquisition tools to understand the quantity and quality of the data that can be recovered from the memory dump in two different conditions that is when the browser tabs were open and when the browser tabs were closed in a system to aid the forensic investigators.

The goals, objectives and criteria of the effectiveness of the creation, maintenance and use of the Digital Information Fund of Intellectual Property (DIFIP) are considered. A formalized methodology is proposed for designing DIFIPs, increasing its efficiency and quality, based on a set of interconnected models, methods and algorithms for analysis, synthesis and normalization distributed information management of DIFIP's structure; classification of databases users of patent and scientific and technical information; synthesis of optimal logical structures of the DIFIP database and thematic databases; assessing the quality of the database and ensuring the required level of data security.

JPEG-XS offers low complexity image compression for applications with constrained but reasonable bit-rate, and low latency. Our paper explores the deployment of JPEG-XS on lossy packet networks. To preserve low latency, Forward Error Correction (FEC) is envisioned as the protection mechanism of interest. Although the JPEG-XS codestream is not scalable in essence, we observe that the loss of a codestream fraction impacts the decoded image quality differently, depending on whether this codestream fraction corresponds to codestream headers, to coefficient significance information, or to low/high frequency data. Hence, we propose a rate-distortion optimal unequal error protection scheme that adapts the redundancy level of Reed-Solomon codes according to the rate of channel losses and the type of information protected by the code. Our experiments demonstrate that, at 5% loss rates, it reduces the Mean Squared Error by up to 92% and 65%, compared to a transmission without and with optimal but equal protection, respectively.

This paper explores high throughput architectures for the substitution modules, which are an integral component of encryption algorithms. The security algorithms chosen belong to the category of lightweight crypto-primitives suitable for pervasive computing. The focus of this work is on the implementation of encryption algorithms on hardware platforms to improve speed and facilitate optimization in the area and power consumption of the design. In this work, the architecture for the encryption algorithms' substitution box (S-box) is modified using switching circuits (i.e., MUX-based) along with a logic generator and included in the overall cipher design. The modified architectures exhibit high throughput and consume less energy in comparison to the state-of-the-art designs. The percentage increase in throughput or maximum frequency differs according to the chosen algorithms discussed elaborately in this paper. The evaluation of various metrics specific to the design are executed at RFID-specific frequency so that they can be deployed in an IoT environment. The designs are mainly simulated and compared on Nexys4 DDR FPGA platform, along with a few other FPGAs, to meet similar design and implementation environments for a fair comparison. The application of the proposed S-box modification is explored for the healthcare scenario with promising results.

Now a day's data hacking is the main issue for cloud computing, protecting a data there are so many methods in that one most usable method is the data Encryption. Process of Encryption is the converting a data into an un readable form using encryption key, encoded version that can only be read with authorized access to the decryption key. This paper presenting a simple, energy and area efficient method for endurance issue in secure resistive main memories. In this method, by employing the random characteristics of the encrypted data encoded by the Advanced Encryption Standard (AES) as well as a rotational shift operation. Random Shifter is simple hardware implementation and energy efficient method. It is considerably smaller than that of other recently proposed methods. Random Shifter technique used for secure memory with other error correction methods. Due to their reprogram ability, Field Programmable Gate Arrays (FPGA) are a popular choice for the hardware implementation of cryptographic algorithms. The proposed random shifter algorithm for AES and DES (Hybrid) data is implemented in the VIRTEX FPGA and it is efficient and suitable for hardware-critical applications. This Paper is implemented using model sim and Xilinx 14.5 version.