Biblio

Network intrusion detection systems (NIDS) are widely used solutions targeting the security of any network device connected to the Internet and are taking the lead in the battle against intruders. This paper addresses the network security issues by implementing a hardware-based NIDS solution with a Naïve Bayes machine learning (ML) algorithm for classification using NSL Knowledge Discovery in Databases (KDD) dataset. The proposed FPGA implementation of the Naive Bayes classifier focuses on low latency and provides intrusion detection in just 240ns, with accuracy/precision of 70/97%, occupying 1 % of the Virtex7 VC709 FPGA chip area.

Image edge is considered to be the most important attribute to provide valuable image perception information. At present, video image data is developing towards high resolution and high frame number. The image data processing capacity is huge, so the processing speed is very strict to meet the real-time performance of image data transmission. In this context, we present a method to accelerate the real-time video image edge detection. FPGA is used as the development platform. The real-time edge detection algorithm of image data with 1280x720 resolution and 30 frame/s, combined with median filter, Sobel edge detection algorithm and corrosion expansion algorithm, makes the running time of image processing module shorter. The color image of the video image collected by camera is processed. The HDMI interface shows that the scheme has achieved ideal results in the FPGA hardware platform simulation model, greatly improves the efficiency of the algorithm, and provides a guarantee for the speed and stability of the real-time image processing system.

Nowadays, source location privacy in underwater acoustic sensor networks (UASNs) has gained a lot of attention. The aim of source location privacy is to use specific technologies to protect the location of the source from being compromised. Among the many technologies available are fake packet technology, multi-path routing technology and so on. The fake packet technology uses a certain amount of fake packets to mask the transmission of the source packet, affecting the adversary's efficiency of hop-by-hop backtracking to the source. However, during the operation of the fake packet technology, the fake packet, and the source packet may interfere with each other. Focus on this, a fake packet time slot assignment-based source location privacy protection (FPTSA-SLP) scheme. The time slot assignment is adopted to avoid interference with the source packet. Also, a relay node selection method based on the handshake is further proposed to increase the diversity of the routing path to confuse the adversary. Compared with the comparison algorithm, the simulation results demonstrate that the proposed scheme has a better performance in safety time.

In this article we propose the architecture of a system in which its central objective is focused on creating a complete framework for creating outdoor environments of Augmented Reality (AR) and Virtual Reality (VR) allowing its users to digitize reality for hypermedia format. Subsequently, there will be an internal process with the objective of merging / grouping these 3D models, thus enabling clear and intuitive navigation within infinite virtual realities (based on the captured real world). In this way, the user is able to create points of interest within their parallel realities, being able to navigate and traverse their new worlds through these points.

With the rapid development of the wireless network and smart mobile equipment, many lawbreakers employ mobile devices to destroy and steal important information and property from other persons. In order to fighting the criminal act efficiently, the public security organ need to collect the evidences from the crime tools and submit to the court. In the meantime, with development of internal storage technology, the law enforcement officials collect lots of information from the smart mobile equipment, for the sake of handling the huge amounts of data, we propose a framework that combine distributed clustering methods to analyze data sets, this model will split massive data into smaller pieces and use clustering method to analyze each smaller one on disparate machines to solve the problem of large amount of data, thus forensics investigation work will be more effectively.

Vision systems, i.e., systems that enable the detection and tracking of objects in images, have gained substantial importance over the past decades. They are used in quality assurance applications, e.g., for finding surface defects in products during manufacturing, surveillance, but also automated driving, requiring reliable behavior. Interestingly, there is only little work on quality assurance and especially testing of vision systems in general. In this paper, we contribute to the area of testing vision software, and present a framework for the automated generation of tests for systems based on vision and image recognition with the focus on easy usage, uniform usability and expandability. The framework makes use of existing libraries for modifying the original images and to obtain similarities between the original and modified images. We show how such a framework can be used for testing a particular industrial application on identifying defects on riblet surfaces and present preliminary results from the image classification domain.

Reconfigurability is very popular in advanced highly integrated wireless communication circuits and systems, which is valuable for mitigating spectrum congestion and reducing signal interference. To reduce interference and meet the different wireless standards in different countries, frequency reconfigurable filters are promising. Concurrently, due to the conductor and semiconductor properties of VO2 at different temperatures or pressures, the phase transition characteristics of new material VO2 are applied to reconfigurable filters. This paper mainly discusses the application of phase transition characteristics of VO2 materials in filter design and proposes a frequency reconfigurable microstrip bandpass filter based on VO2 materials, in which the microstrip filter adopts the design form of end coupling. Through theoretical calculation, data analysis, and the establishment of the equivalent model of VO2 phase transition, a related design is proposed. An end-coupled microband bandpass filter centered at a reconfigurable frequency (6 GHz to 6.5 GHz) with fractional bandwidth of 2.8% has been designed, which shows consistent match with the expected ones and verify the validity of the proposed method.

The dark web searching mechanism is unlike surface web searching. On one popular dark web, Tor dark web, the search is often directed by directory like services such as Hidden Wiki. The numerous dark web data collection mechanisms are discussed and implemented via crawling. The dark web crawler assumes seed link, i.e. hidden service from where the crawling begins. One such popular Tor directory service is Hidden Wiki. Most of the hidden services listed on the Hidden Wiki 2020 page became unreachable with the recent upgrade in the Tor version. The Hidden Wiki 2021 page has a limited listing of services compared to the Hidden Wiki 2020 page. This motivated authors of the present work to establish the role of Hidden wiki service in dark web research and proposed the hypothesis that the dark web could be reached better through customized harvested links than Hidden Wiki-like service. The work collects unique hidden services/ onion links using the opensource crawler TorBot and runs similarity analysis on collected pages to map to corresponding categories.

Recent technological advances in developing intelligent telecommunication networks, ultra-compact bendable wireless transceiver chips, adaptive wearable sensors and actuators, and secure computing infrastructures along with the progress made in psychology and neuroscience for understanding neu-rocognitive and computational principles of human behavior combined have paved the way for a new field of research: Tactile Internet with Human-in-the-Loop (TaHiL). This emerging field of transdisciplinary research aims to promote next generation digitalized human-machine interactions in perceived real time. To achieve this goal, mechanisms and principles of human goal-directed multisensory perception and action need to be integrated into technological designs for breakthrough innovations in mobile telecommunication, electronics and materials engineering, as well as computing. This overview highlights key challenges and the frontiers of research in the new field of TaHiL. Revolutionizing the current Internet as a digital infrastructure for sharing visual and auditory information globally, the TaHiL research will enable humans to share tactile and haptic information and thus veridically immerse themselves into virtual, remote, or inaccessible real environments to exchange skills and expertise with other humans or machines for applications in medicine, industry, and the Internet of Skills.

This paper presents a fully blind false data injection (FDI) attack against an industrial field-bus i.e. PROFINET that is widely used in Siemens distributed Input/Output (I/O) systems. In contrast to the existing academic efforts in the research community which assume that an attacker is already familiar with the target system, and has a full knowledge of what is being transferred from the sensors or to the actuators in the remote I/O module, our attack overcomes these strong assumptions successfully. For a real scenario, we first sniff and capture real time data packets (PNIO-RT) that are exchanged between the IO-Controller and the IO-Device. Based on the collected data, we create an I/O database that is utilized to replace the correct data with false one automatically and online. Our full attack-chain is implemented on a real industrial setting based on Siemens devices, and tested for two scenarios. In the first one, we manipulate the data that represents the actual sensor readings sent from the IO-Device to the IO-Controller, whereas in the second scenario we aim at manipulating the data that represents the actuator values sent from the IO-Controller to the IO-Device. Our results show that compromising PROFINET I/O systems in the both tested scenarios is feasible, and the physical process to be controlled is affected. Eventually we suggest some possible mitigation solutions to secure our systems from such threats.

The progression of cryptographic attacks in the ICT era doubtless leads to the development of new cryptographic algorithms and assessment, and evaluation of the existing ones. In this paper, the artificial intelligence application, through the fuzzy analytic hierarchy process (FAHP) implementation, is used to rank criteria and sub-criteria on which the algorithms are based to determine the most promising criteria and optimize their use. Out of fifteen criteria, security soundness, robustness and hardware failure distinguished as significant ones.

Physical unclonable functions (PUFs) are used to create unique device identifiers from their inherent fabrication variability. Unstable readings and variation of the PUF response over time are key issues that limit the applicability of PUFs in real-world systems. In this project, we developed a fuzzy extractor (FE) to generate robust cryptographic keys from ReRAM-based PUFs. We tested the efficiency of the proposed FE using BCH and Polar error correction codes. We use ReRAM-based PUFs operating in pre-forming range to generate binary cryptographic keys at ultra-low power with an objective of tamper sensitivity. We investigate the performance of the proposed FE with real data using the reading of the resistance of pre-formed ReRAM cells under various noise conditions. The results show a bit error rate (BER) in the range of 10−5 for the Polar-codes based method when 10% of the ReRAM cell array is erroneous at Signal to Noise Ratio (SNR) of 20dB.This error rate is achieved by using helper data length of 512 bits for a 256 bit cryptographic key. Our method uses a 2:1 ratio for helper data and key, much lower than the majority of previously reported methods. This property makes our method more robust against helper data attacks.

This article discusses the problem of information security management in computer systems and describes the process of developing an algorithm that allows to determine measures to protect personal data. The organizational and technical measures formulated by the FSTEC are used as measures.

This project develops a face recognition-based door locking system with two-factor authentication using OpenCV. It uses Raspberry Pi 4 as the microcontroller. Face recognition-based door locking has been around for many years, but most of them only provide face recognition without any added security features, and they are costly. The design of this project is based on human face recognition and the sending of a One-Time Password (OTP) using the Twilio service. It will recognize the person at the front door. Only people who match the faces stored in its dataset and then inputs the correct OTP will have access to unlock the door. The Twilio service and image processing algorithm Local Binary Pattern Histogram (LBPH) has been adopted for this system. Servo motor operates as a mechanism to access the door. Results show that LBPH takes a short time to recognize a face. Additionally, if an unknown face is detected, it will log this instance into a "Fail" file and an accompanying CSV sheet.

Discovering vulnerabilities is an information-intensive task that requires a developer to locate the defects in the code that have security implications. The task is difficult due to the growing code complexity and some developer's lack of security expertise. Although tools have been created to ease the difficulty, no single one is sufficient. In practice, developers often use a combination of tools to uncover vulnerabilities. Yet, the basis on which different tools are composed is under explored. In this paper, we examine the composition base by taking advantage of the tool design patterns informed by foraging theory. We follow a design science methodology and carry out a three-step empirical study: mapping 34 foraging-theoretic patterns in a specific vulnerability discovery tool, formulating hypotheses about the value and cost of foraging when considering two composition scenarios, and performing a human-subject study to test the hypotheses. Our work offers insights into guiding developers' tool usage in detecting software vulnerabilities.

Safety- and security-critical developers have long recognized the importance of applying a high degree of scrutiny to a system’s (or subsystem’s) I/O messages. However, lack of care in the development of message-handling components can lead to an increase, rather than a decrease, in the attack surface. On the DARPA Cyber-Assured Systems Engineering (CASE) program, we have focused our research effort on identifying cyber vulnerabilities early in system development, in particular at the Architecture development phase, and then automatically synthesizing components that mitigate against the identified vulnerabilities from high-level specifications. This approach is highly compatible with the goals of the LangSec community. Advances in formal methods have allowed us to produce hardware/software implementations that are both performant and guaranteed correct. With these tools, we can synthesize high-assurance “building blocks” that can be composed automatically with high confidence to create trustworthy systems, using a method we call Security-Enhancing Architectural Transformations. Our synthesis-focused approach provides a higherleverage insertion point for formal methods than is possible with post facto analytic methods, as the formal methods tools directly contribute to the implementation of the system, without requiring developers to become formal methods experts. Our techniques encompass Systems, Hardware, and Software Development, as well as Hardware/Software Co-Design/CoAssurance. We illustrate our method and tools with an example that implements security-improving transformations on system architectures expressed using the Architecture Analysis and Design Language (AADL). We show how message-handling components can be synthesized from high-level regular or context-free language specifications, as well as a novel specification language for self-describing messages called Contiguity Types, and verified to meet arithmetic constraints extracted from the AADL model. Finally, we guarantee that the intent of the message processing logic is accurately reflected in the application binary code through the use of the verified CakeML compiler, in the case of software, or the Restricted Algorithmic C toolchain with ACL2-based formal verification, in the case of hardware/software co-design.

Trust estimation of vehicles is vital for the correct functioning of Vehicular Ad Hoc Networks (VANETs) as it enhances their security by identifying reliable vehicles. However, accurate trust estimation still remains distant as existing works do not consider all malicious features of vehicles, such as dropping or delaying packets, altering content, and injecting false information. Moreover, data consistency of messages is not guaranteed here as they pass through multiple paths and can easily be altered by malicious relay vehicles. This leads to difficulty in measuring the effect of content tampering in trust calculation. Further, unreliable wireless communication of VANETs and unpredictable vehicle behavior may introduce uncertainty in the trust estimation and hence its accuracy. In this view, we put forward three trust factors - captured by fuzzy sets to adequately model malicious properties of a vehicle and apply a fuzzy logic-based algorithm to estimate its trust. We also introduce a parameter to evaluate the impact of content modification in trust calculation. Experimental results reveal that the proposed scheme detects malicious vehicles with high precision and recall and makes decisions with higher accuracy compared to the state-of-the-art.

Nowadays, video surveillance systems are part of our daily life, because of their role in ensuring the security of goods and people this generates a huge amount of video data. Thus, several research works based on the ontology paradigm have tried to develop an efficient system to index and search precisely a very large volume of videos. Due to their semantic expressiveness, ontologies are undoubtedly very much in demand in recent years in the field of video surveillance to overcome the problem of the semantic gap between the interpretation of the data extracted from the low level and the high-level semantics of the video. Despite its good expressiveness of semantics, a classical ontology may not be sufficient for good handling of uncertainty, which is however commonly present in the video surveillance domain, hence the need to consider a new ontological approach that will better represent uncertainty. Fuzzy logic is recognized as a powerful tool for dealing with vague, incomplete, imperfect, or uncertain data or information. In this work, we develop a new ontological approach based on fuzzy logic. All the relevant fuzzy concepts such as Video\_Objects, Video\_Events, Video\_Sequences, that could appear in a video surveillance domain are well represented with their fuzzy Ontology DataProperty and the fuzzy relations between them (Ontology ObjectProperty). To achieve this goal, the new fuzzy video surveillance ontology is implemented using the fuzzy ontology web language 2 (fuzzy owl2) which is an extension of the standard semantic web language, ontology web language 2 (owl2).

The existing methods of constructing a trusted computing environment do not fully meet the requirements. Intel SGX provides a new hardware foundation for the construction of trusted computing environment. However, existing SGX still faces problems such as side channel attacks. To overcome it, this paper present F-SGX which is the future SGX for trusting computing. In our opinion, F-SGX hold stronger isolation than current SGX, and reduce the dependence of enclave on host operating system. Furthermore, F-SGX hold a private key for the attestation. We believe that F-SGX can further provide better support for trusting computing environments while there is a good balance between isolation and dependencies.

Recently, federated learning (FL), as an advanced and practical solution, has been applied to deal with privacy-preserving issues in distributed multi-party federated modeling. However, most existing FL methods focus on the same privacy-preserving budget while ignoring various privacy requirements of participants. In this paper, we for the first time propose an algorithm (PLU-FedOA) to optimize the deep neural network of horizontal FL with personalized local differential privacy. For such considerations, we design two approaches: PLU, which allows clients to upload local updates under differential privacy-preserving of personally selected privacy level, and FedOA, which helps the server aggregates local parameters with optimized weight in mixed privacy-preserving scenarios. Moreover, we theoretically analyze the effect on privacy and optimization of our approaches. Finally, we verify PLU-FedOA on real-world datasets.

The main objective of the proposed work is to build a reliable and secure architecture for cloud servers where users may safely store and transfer their data. This platform ensures secure communication between the client and the server during data transfer. Furthermore, it provides a safe method for sharing and transferring files from one person to another. As a result, for ensuring safe data on cloud servers, this research work presents a secure architecture combining three DNA cryptography, HMAC, and a third party Auditor. In order to provide security by utilizing various strategies, a number of traditional and novel cryptographic methods are investigated. In the first step, data will be encrypted with the help of DNA cryptography, where the encoded document will be stored in the cloud server. In next step, create a HMAC value of encrypted file, which was stored on cloud by using secret key and sends to TPA. In addition, Third Party Auditor is used for authenticate the purity of stored documents in cloud at the time of verification TPA also create HMAC value from Cloud stored data and verify it. DNA-based cryptographic technique, hash based message authentic code and third party auditor will provide more secured framework for data security and integrity in cloud server.

We introduce the novel concept of feature popularity with three different web attacks and big data from the CSE-CIC-IDS2018 dataset: Brute Force, SQL Injection, and XSS web attacks. Feature popularity is based upon ensemble Feature Selection Techniques (FSTs) and allows us to more easily understand common important features between different cyberattacks, for two main reasons. First, feature popularity lists can be generated to provide an easy comprehension of important features across different attacks. Second, the Jaccard similarity metric can provide a quantitative score for how similar feature subsets are between different attacks. Both of these approaches not only provide more explainable and easier-to-understand models, but they can also reduce the complexity of implementing models in real-world systems. Four supervised learning-based FSTs are used to generate feature subsets for each of our three different web attack datasets, and then our feature popularity frameworks are applied. For these three web attacks, the XSS and SQL Injection feature subsets are the most similar per the Jaccard similarity. The most popular features across all three web attacks are: Flow\_Bytes\_s, FlowİAT\_Max, and Flow\_Packets\_s. While this introductory study is only a simple example using only three web attacks, this feature popularity concept can be easily extended, allowing an automated framework to more easily determine the most popular features across a very large number of attacks and features.

With increased awareness comes unprecedented expectations. We live in a digital, cloud era wherein the underlying information architectures are expected to be elastic, secure, resilient, and handle petabyte scaling. The expectation of epic proportions from the next generation of the data frameworks is to not only do all of the above but also build it on a foundation of trust and explainability across multi-organization business networks. From cloud providers to automobile industries or even vaccine manufacturers, components are often sourced by a complex, not full digitized thread of disjoint suppliers. Building Machine Learning and AI-based order fulfillment and predictive models, remediating issues, is a challenge for multi-organization supply chain automation. We posit that Federated Learning in conjunction with blockchain and smart contracts are technologies primed to tackle data privacy and centralization challenges. In this paper, motivated by challenges in the industry, we propose a decentralized distributed system in conjunction with a recommendation system model (Matrix Factorization) that is trained using Federated Learning on an Ethereum blockchain network. We leverage smart contracts that allow decentralized serverless aggregation to update local-ized items vectors. Furthermore, we utilize Homomorphic Encryption (HE) to allow sharing the encrypted gradients over the network while maintaining their privacy. Based on our results, we argue that training a model over a serverless Blockchain network using smart contracts will provide the same accuracy as in a centralized model while maintaining our serverless model privacy and reducing the overhead communication to a central server. Finally, we assert such a system that provides transparency, audit-ready and deep insights into supply chain operations for enterprise cloud customers resulting in cost savings and higher Quality of Service (QoS).

The widespread use of smartphones has made the gadget a prime source of evidence for crime investigators. The cloud-based applications on mobile devices store a rich set of evidence in the cloud servers. The physical acquisition of Android devices reveals only minimal data of cloud-based apps. However, the artifacts collected from mobile devices can be used for data acquisition from cloud servers. This paper focuses on the forensic acquisition and analysis of cloud data of Google apps on Android devices. The proposed methodology uses the tokens extracted from the Android devices to get authenticated to the Google server bypassing the two-factor authentication scheme and access the cloud data for further analysis. Based on the investigation, we have also developed a tool to acquire, preserve and analyze cloud data in a forensically sound manner.